/* file.c
*
* $Id: file.c,v 1.74 2001/11/13 23:55:43 gram Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <errno.h>
#ifdef HAVE_IO_H
#include <io.h> /* open/close on win32 */
#endif
#include "wtap-int.h"
#include "file_wrappers.h"
#include "buffer.h"
#include "lanalyzer.h"
#include "ngsniffer.h"
#include "radcom.h"
#include "ascend.h"
#include "nettl.h"
#include "libpcap.h"
#include "snoop.h"
#include "iptrace.h"
#include "netmon.h"
#include "netxray.h"
#include "toshiba.h"
#include "i4btrace.h"
#include "csids.h"
#include "pppdump.h"
#include "etherpeek.h"
#include "vms.h"
#include "dbs-etherwatch.h"
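/*
 * Table of the per-capture-file-type "open" routines that
 * wtap_open_offline() tries, in order, on a capture file.
 *
 * The open_file_* routines should return:
 *
 *	-1 on an I/O error;
 *
 *	1 if the file they're reading is one of the types it handles;
 *
 *	0 if the file they're reading isn't the type they're checking for.
 *
 * If the routine handles this type of file, it should set the "file_type"
 * field in the "struct wtap" to the type of the file.
 *
 * The pointers in the table are "const": the qualifier belongs after the
 * "*" in the declarator (putting it right after "static" would qualify
 * the functions' return type instead).  Nothing in this file writes to
 * the table, and declaring it "const" lets the compiler reject any
 * attempt to replace one of these function pointers at run time.
 *
 * Order matters, because the first routine that returns 1 wins.  Put the
 * trace files that are merely saved telnet sessions last, since it's
 * possible that someone's telnet session to a router was itself captured
 * with another tool.  So, a libpcap trace of a toshiba "snoop" session
 * should be discovered as a libpcap file, not a toshiba file.
 */
static int (*const open_routines[])(wtap *, int *) = {
	/* Files that have magic bytes in fixed locations. These
	 * are easy to identify.
	 */
	libpcap_open,
	lanalyzer_open,
	ngsniffer_open,
	snoop_open,
	iptrace_open,
	netmon_open,
	netxray_open,
	radcom_open,
	nettl_open,
	pppdump_open,
	etherpeek_open,

	/* Files whose magic headers are in text *somewhere* in the
	 * file (usually because the trace is just a saved copy of
	 * the telnet session).
	 */
	ascend_open,
	toshiba_open,
	i4btrace_open,
	csids_open,
	vms_open,
	dbs_etherwatch_open,
};

/* Number of entries in open_routines[]; computed so it tracks the table. */
#define	N_FILE_TYPES	(sizeof open_routines / sizeof open_routines[0])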
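/*
 * Default random-access read routine: seek the random-access handle
 * ("wth->random_fh") to "seek_off" and read "len" bytes into "pd".
 *
 * "pseudo_header" is not used by this routine.
 *
 * Returns -1 if the seek fails; otherwise returns whatever file_read()
 * returns for the read.
 *
 * NOTE(review): "len" is passed straight through to file_read() and is
 * not checked here against the size of the buffer "pd" points to; the
 * caller has to guarantee that the buffer is at least "len" bytes long.
 * Confirm at the call sites, since "len" ultimately comes from the
 * capture file being read.
 */
int wtap_def_seek_read(wtap *wth, long seek_off,
	union wtap_pseudo_header *pseudo_header, guint8 *pd, int len)
{
	/*
	 * If the seek fails the handle is still positioned wherever the
	 * last operation left it; reading from there would hand the caller
	 * bytes from the wrong place in the file, so give up instead.
	 */
	if (file_seek(wth->random_fh, seek_off, SEEK_SET) < 0)
		return -1;

	return file_read(pd, sizeof(guint8), len, wth->random_fh);
}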
/*
 * Fallback definitions of the file-type test macros, for systems whose
 * headers don't supply them: Visual C++ on Win32 doesn't, and neither
 * do old UNIX systems.
 *
 * Visual C++ on Win32 also spells the FIFO type bit _S_IFIFO rather
 * than S_IFIFO, so map the standard name onto it when it's missing.
 */
#if !defined(S_ISREG)
#define	S_ISREG(m)	(((m) & S_IFMT) == S_IFREG)
#endif

#if !defined(S_IFIFO)
#define	S_IFIFO		_S_IFIFO
#endif

#if !defined(S_ISFIFO)
#define	S_ISFIFO(m)	(((m) & S_IFMT) == S_IFIFO)
#endif

#if !defined(S_ISDIR)
#define	S_ISDIR(m)	(((m) & S_IFMT) == S_IFDIR)
#endif
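/*
 * Opens a capture file for reading and prepares a wtap struct for it.
 *
 * "filename" is the path of the file to open.  On failure, "*err" is
 * set to an errno value or a WTAP_ERR_* code and NULL is returned; on
 * success the newly allocated wtap is returned.
 *
 * If "do_random" is TRUE, it opens the file twice; the second open
 * allows the application to do random-access I/O without moving
 * the seek offset for sequential I/O, which is used by Ethereal
 * so that it can do sequential I/O to a capture file that's being
 * written to as new packets arrive independently of random I/O done
 * to display protocol trees for packets when they're selected.
 *
 * Only regular files and FIFOs are accepted; a directory is reported
 * as EISDIR and anything else as WTAP_ERR_NOT_REGULAR_FILE.
 *
 * NOTE(review): the file type is checked with stat() on the name, and
 * the file is then opened by name (twice, if "do_random" is TRUE).
 * Nothing ties those steps to the same object, so if the name is
 * re-pointed in between, the object that gets opened is not the one
 * that was checked, and the sequential and random handles may not
 * refer to the same file.  Re-checking with fstat() on the opened
 * descriptor would tie the type check to what was actually opened.
 */
wtap* wtap_open_offline(const char *filename, int *err, gboolean do_random)
{
	struct stat statb;
	wtap	*wth;
	unsigned int	i;

	/* First, make sure the file is valid */
	if (stat(filename, &statb) < 0) {
		*err = errno;
		return NULL;
	}
	if (! S_ISREG(statb.st_mode) && ! S_ISFIFO(statb.st_mode)) {
		if (S_ISDIR(statb.st_mode))
			*err = EISDIR;
		else
			*err = WTAP_ERR_NOT_REGULAR_FILE;
		return NULL;
	}

	/* Preset errno, presumably so that a failure that doesn't set it
	   is still reported with a meaningful code. */
	errno = ENOMEM;
	wth = g_malloc(sizeof(wtap));
	if (wth == NULL) {
		*err = errno;
		return NULL;
	}

/* Win32 needs the O_BINARY flag for open() */
#ifndef O_BINARY
#define O_BINARY 	0
#endif

	/* Open the file */
	errno = WTAP_ERR_CANT_OPEN;
	wth->fd = open(filename, O_RDONLY|O_BINARY);
	if (wth->fd < 0) {
		*err = errno;
		g_free(wth);
		return NULL;
	}
	if (!(wth->fh = filed_open(wth->fd, "rb"))) {
		/* Save errno first; close() may change it. */
		*err = errno;
		/* No stream took ownership of the descriptor, so it has
		   to be closed here or it is leaked on every failure. */
		close(wth->fd);
		g_free(wth);
		return NULL;
	}

	if (do_random) {
		if (!(wth->random_fh = file_open(filename, "rb"))) {
			*err = errno;
			file_close(wth->fh);
			g_free(wth);
			return NULL;
		}
	} else
		wth->random_fh = NULL;

	/* initialization */
	wth->file_encap = WTAP_ENCAP_UNKNOWN;
	wth->data_offset = 0;
	wth->subtype_sequential_close = NULL;
	wth->subtype_close = NULL;

	/* Try all file types */
	for (i = 0; i < N_FILE_TYPES; i++) {
		/* Seek back to the beginning of the file; the open routine
		   for the previous file type may have left the file
		   position somewhere other than the beginning, and the
		   open routine for this file type will probably want
		   to start reading at the beginning.

		   Initialize the data offset while we're at it. */
		file_seek(wth->fh, 0, SEEK_SET);
		wth->data_offset = 0;
		switch ((*open_routines[i])(wth, err)) {

		case -1:
			/* I/O error - give up; "*err" was filled in by
			   the open routine */
			if (wth->random_fh != NULL)
				file_close(wth->random_fh);
			file_close(wth->fh);
			g_free(wth);
			return NULL;

		case 0:
			/* No I/O error, but not that type of file */
			break;

		case 1:
			/* We found the file type */
			goto success;
		}
	}

	/* Well, it's not one of the types of file we know about. */
	if (wth->random_fh != NULL)
		file_close(wth->random_fh);
	file_close(wth->fh);
	g_free(wth);
	*err = WTAP_ERR_FILE_UNKNOWN_FORMAT;
	return NULL;

success:
	/* The frame buffer is only allocated once the format is known. */
	wth->frame_buffer = g_malloc(sizeof(struct Buffer));
	buffer_init(wth->frame_buffer, 1500);
	return wth;
}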
/* Table of the file types we know about. */
static const struct file_type_info {
const char *name;
const char *short_name;
int (*can_write_encap)(int, int);
int (*dump_open)(wtap_dumper *, int *);
|
|
|
|
} dump_open_table[WTAP_NUM_FILE_TYPES] = {
|
|
|
|
/* WTAP_FILE_UNKNOWN */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ NULL, NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_WTAP */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "Wiretap (Ethereal)", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_PCAP */
|
1999-12-05 01:23:22 +00:00
|
|
|
{ "libpcap (tcpdump, Ethereal, etc.)", "libpcap",
|
1999-12-04 09:38:38 +00:00
|
|
|
libpcap_dump_can_write_encap, libpcap_dump_open },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
2000-07-26 06:04:34 +00:00
|
|
|
/* WTAP_FILE_PCAP_SS990417 */
|
|
|
|
{ "Red Hat Linux 6.1 libpcap (tcpdump)", "rh6_1libpcap",
|
Provide different file types for "modified" and Red Hat 6.1 "libpcap"
files (the former have a different per-packet header, and a different
magic number, from the standard "libpcap"; the latter have the same
per-packet header as "modified" "libpcap" files, but the same magic
number as standard "libpcap" files, sigh).
Support writing "libpcap" captures in all three formats (so that, for
example, people running Ethereal on RH 6.1 can write out captures that
the "tcpdump" that comes with RH 6.1 can read, although that's not the
default format we save in - there's no way to tell whether you're
running on RH 6.1, as far as I know; "uname()" just tells you, on Linux
systems, that the kernel is Linux 2.x, and what "x" is, it doesn't say
what the *rest* of the system is).
Fix the table in "file.c" to use Olivier's code for writing Sniffer
files.
svn path=/trunk/; revision=1288
1999-12-11 00:40:40 +00:00
|
|
|
libpcap_dump_can_write_encap, libpcap_dump_open },
|
|
|
|
|
2000-07-26 06:04:34 +00:00
|
|
|
/* WTAP_FILE_PCAP_SS990915 */
|
|
|
|
{ "SuSE Linux 6.3 libpcap (tcpdump)", "suse6_3libpcap",
|
|
|
|
libpcap_dump_can_write_encap, libpcap_dump_open },
|
|
|
|
|
|
|
|
/* WTAP_FILE_PCAP_SS991029 */
|
|
|
|
{ "modified libpcap (tcpdump)", "modlibpcap",
|
Provide different file types for "modified" and Red Hat 6.1 "libpcap"
files (the former have a different per-packet header, and a different
magic number, from the standard "libpcap"; the latter have the same
per-packet header as "modified" "libpcap" files, but the same magic
number as standard "libpcap" files, sigh).
Support writing "libpcap" captures in all three formats (so that, for
example, people running Ethereal on RH 6.1 can write out captures that
the "tcpdump" that comes with RH 6.1 can read, although that's not the
default format we save in - there's no way to tell whether you're
running on RH 6.1, as far as I know; "uname()" just tells you, on Linux
systems, that the kernel is Linux 2.x, and what "x" is, it doesn't say
what the *rest* of the system is).
Fix the table in "file.c" to use Olivier's code for writing Sniffer
files.
svn path=/trunk/; revision=1288
1999-12-11 00:40:40 +00:00
|
|
|
libpcap_dump_can_write_encap, libpcap_dump_open },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
2000-09-15 07:52:43 +00:00
|
|
|
/* WTAP_FILE_PCAP_NOKIA */
|
|
|
|
{ "Nokia libpcap (tcpdump)", "nokialibpcap",
|
|
|
|
libpcap_dump_can_write_encap, libpcap_dump_open },
|
|
|
|
|
Add in some heuristics to try to detect AIX libpcap format. (This works
with one capture I've seen, but perhaps that was done with an old
version of AIX, and newer versions use a minor version number, in the
file, of 4.
However, libpcap hasn't used a minor version of 2 for ages, so perhaps
AIX hasn't updated their libpcap in ages, and aren't about to do so
soon. If they do, let's hope they change the magic number. The capture
file in question *does* have the capture length and real length in the
old, pre-2.3, order, so it really looks as if it's an old version,
rather than IBM trying to be "helpful" by using a different minor
version number so that you can distinguish between normal libpcap and
AIX libpcap formats.)
svn path=/trunk/; revision=4164
2001-11-06 01:55:14 +00:00
|
|
|
/* WTAP_FILE_PCAP_AIX */
|
|
|
|
{ "AIX libpcap (tcpdump)", NULL,
|
|
|
|
NULL, NULL },
|
|
|
|
|
1999-12-04 08:32:14 +00:00
|
|
|
/* WTAP_FILE_LANALYZER */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "Novell LANalyzer", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
2000-05-25 09:00:24 +00:00
|
|
|
/* WTAP_FILE_NGSNIFFER_UNCOMPRESSED */
|
Provide different file types for "modified" and Red Hat 6.1 "libpcap"
files (the former have a different per-packet header, and a different
magic number, from the standard "libpcap"; the latter have the same
per-packet header as "modified" "libpcap" files, but the same magic
number as standard "libpcap" files, sigh).
Support writing "libpcap" captures in all three formats (so that, for
example, people running Ethereal on RH 6.1 can write out captures that
the "tcpdump" that comes with RH 6.1 can read, although that's not the
default format we save in - there's no way to tell whether you're
running on RH 6.1, as far as I know; "uname()" just tells you, on Linux
systems, that the kernel is Linux 2.x, and what "x" is, it doesn't say
what the *rest* of the system is).
Fix the table in "file.c" to use Olivier's code for writing Sniffer
files.
svn path=/trunk/; revision=1288
1999-12-11 00:40:40 +00:00
|
|
|
{ "Network Associates Sniffer (DOS-based)", "ngsniffer",
|
|
|
|
ngsniffer_dump_can_write_encap, ngsniffer_dump_open },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
2000-05-25 09:00:24 +00:00
|
|
|
/* WTAP_FILE_NGSNIFFER_COMPRESSED */
|
|
|
|
{ "Network Associates Sniffer (DOS-based), compressed", "ngsniffer_comp",
|
|
|
|
NULL, NULL },
|
|
|
|
|
1999-12-04 08:32:14 +00:00
|
|
|
/* WTAP_FILE_SNOOP */
|
1999-12-05 01:23:22 +00:00
|
|
|
{ "Sun snoop", "snoop",
|
1999-12-04 09:38:38 +00:00
|
|
|
snoop_dump_can_write_encap, snoop_dump_open },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
|
|
|
/* WTAP_FILE_IPTRACE_1_0 */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "AIX iptrace 1.0", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_IPTRACE_2_0 */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "AIX iptrace 2.0", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_NETMON_1_x */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "Microsoft Network Monitor 1.x", "netmon1",
|
1999-12-04 09:38:38 +00:00
|
|
|
netmon_dump_can_write_encap, netmon_dump_open },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
|
|
|
/* WTAP_FILE_NETMON_2_x */
|
2001-01-25 21:47:23 +00:00
|
|
|
{ "Microsoft Network Monitor 2.x", "netmon2",
|
|
|
|
netmon_dump_can_write_encap, netmon_dump_open },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
|
|
|
/* WTAP_FILE_NETXRAY_1_0 */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "Cinco Networks NetXRay", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_NETXRAY_1_1 */
|
1999-12-15 01:34:17 +00:00
|
|
|
{ "Network Associates Sniffer (Windows-based) 1.1", "ngwsniffer_1_1",
|
1999-12-14 01:12:59 +00:00
|
|
|
netxray_dump_can_write_encap, netxray_dump_open_1_1 },
|
1999-12-04 08:32:14 +00:00
|
|
|
|
2000-06-24 05:32:48 +00:00
|
|
|
/* WTAP_FILE_NETXRAY_2_00x */
|
|
|
|
{ "Network Associates Sniffer (Windows-based) 2.00x", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_RADCOM */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "RADCOM WAN/LAN analyzer", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_ASCEND */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "Lucent/Ascend access server trace", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_NETTL */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "HP-UX nettl trace", NULL,
|
1999-12-04 08:32:14 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_TOSHIBA */
|
1999-12-04 21:20:09 +00:00
|
|
|
{ "Toshiba Compact ISDN Router snoop trace", NULL,
|
1999-12-12 22:40:10 +00:00
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_I4BTRACE */
|
|
|
|
{ "I4B ISDN trace", NULL,
|
|
|
|
NULL, NULL },
|
|
|
|
|
2000-08-08 22:16:42 +00:00
|
|
|
/* WTAP_FILE_CSIDS */
|
|
|
|
{ "CSIDS IPLog", NULL,
|
|
|
|
NULL, NULL },
|
|
|
|
|
2000-09-19 17:22:11 +00:00
|
|
|
/* WTAP_FILE_PPPDUMP */
|
|
|
|
{ "pppd log (pppdump format)", NULL,
|
|
|
|
NULL, NULL },
|
|
|
|
|
2001-02-22 22:03:31 +00:00
|
|
|
/* WTAP_FILE_ETHERPEEK_MAC_V56 */
|
|
|
|
{ "Etherpeek trace (Macintosh V5 & V6)", NULL,
|
|
|
|
NULL, NULL },
|
|
|
|
|
|
|
|
/* WTAP_FILE_ETHERPEEK_MAC_V7 */
|
|
|
|
{ "Etherpeek trace (Macintosh V7)", NULL,
|
|
|
|
NULL, NULL },
|
2001-10-18 20:29:56 +00:00
|
|
|
|
|
|
|
/* WTAP_FILE_VMS */
|
|
|
|
{ "TCPIPtrace (VMS)", NULL,
|
|
|
|
NULL, NULL},
|
2001-10-19 20:18:48 +00:00
|
|
|
|
|
|
|
/* WTAP_FILE_DBS_ETHERWATCH */
|
|
|
|
{ "DBS Etherwatch (VMS)", NULL,
|
|
|
|
NULL, NULL},
|
1999-12-04 08:32:14 +00:00
|
|
|
};
/*
 * Return the descriptive name of a capture file type.
 *
 * filetype is used as an index into dump_open_table, so it is range-checked
 * first.  An out-of-range value is reported through g_error(); g_error() is
 * GLib's fatal log level, so the NULL return after it is only reached if
 * that call comes back.
 */
const char *wtap_file_type_string(int filetype)
{
	if (filetype >= 0 && filetype < WTAP_NUM_FILE_TYPES)
		return dump_open_table[filetype].name;

	g_error("Unknown capture file type %d", filetype);
	return NULL;
}
/*
 * Return the name to use in, say, a command-line flag specifying the type.
 *
 * Returns NULL both for a file type outside the table and for a type whose
 * table entry has no short name.
 */
const char *wtap_file_type_short_string(int filetype)
{
	const char *short_name = NULL;

	/* Only index the table once the type is known to be in range. */
	if (filetype >= 0 && filetype < WTAP_NUM_FILE_TYPES)
		short_name = dump_open_table[filetype].short_name;

	return short_name;
}
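/*
 * Translate a short name to a capture file type.
 *
 * short_name is compared against the short_name field of every table
 * entry that has one.  Returns the matching WTAP_FILE_* value, or -1 if
 * short_name is NULL or matches no entry.
 *
 * Note that a match only means the type has a short name: the table gives
 * WTAP_FILE_NGSNIFFER_COMPRESSED a short name but no dump routines, so
 * callers that intend to write should still check wtap_dump_can_open().
 */
int wtap_short_string_to_file_type(const char *short_name)
{
	int filetype;

	/* strcmp() on a null pointer is undefined; treat it as "no match". */
	if (short_name == NULL)
		return -1;

	for (filetype = 0; filetype < WTAP_NUM_FILE_TYPES; filetype++) {
		if (dump_open_table[filetype].short_name != NULL &&
		    strcmp(short_name, dump_open_table[filetype].short_name) == 0)
			return filetype;
	}
	return -1;	/* no such file type */
}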
/*
 * Tell whether capture files of the given type can be written at all.
 *
 * Returns TRUE only if filetype is a valid index into dump_open_table and
 * that entry has a dump_open routine; the range test comes first so the
 * table is never indexed with an out-of-range value.
 */
gboolean wtap_dump_can_open(int filetype)
{
	if (filetype >= 0 && filetype < WTAP_NUM_FILE_TYPES &&
	    dump_open_table[filetype].dump_open != NULL)
		return TRUE;

	return FALSE;
}
/*
 * Tell whether packets with the given encapsulation can be written to a
 * capture file of the given type.
 *
 * Returns FALSE if filetype is out of range, if the type has no
 * can_write_encap routine, or if that routine returns non-zero for this
 * encapsulation; TRUE otherwise.
 */
gboolean wtap_dump_can_write_encap(int filetype, int encap)
{
	int (*check)(int, int);

	/* Validate the index before touching the table. */
	if (filetype < 0 || filetype >= WTAP_NUM_FILE_TYPES)
		return FALSE;

	check = dump_open_table[filetype].can_write_encap;
	if (check == NULL)
		return FALSE;

	/* The per-format routine returns 0 for "can write". */
	return (*check)(filetype, encap) == 0 ? TRUE : FALSE;
}
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
/*
 * Helpers shared by wtap_dump_open() and wtap_dump_fdopen(): validate the
 * file type and encapsulation, allocate the dumper handle, and run the
 * format-specific open on a handle whose stream is already set.
 */
static gboolean     wtap_dump_open_check(int filetype, int encap, int *err);
static wtap_dumper* wtap_dump_alloc_wdh(int filetype, int encap,
					int snaplen, int *err);
static gboolean     wtap_dump_open_finish(wtap_dumper *wdh, int filetype,
					  int encap, int snaplen, int *err);
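/*
 * Open a capture file for writing, by name.
 *
 * filename - path of the file to create or truncate
 * filetype - WTAP_FILE_* type to write
 * encap    - encapsulation of the packets to be written
 * snaplen  - snapshot length recorded in the handle
 * err      - set to an error code on failure
 *
 * Returns the new dumper handle, or NULL on failure.
 *
 * The file is opened by name with fopen(..., "wb"), which truncates an
 * existing file and follows symbolic links.  For a file in a directory
 * that other users can write to (a temporary capture file, say), create
 * and open the file yourself and pass the descriptor to wtap_dump_fdopen()
 * instead, so the file that gets written is the one that was created.
 */
wtap_dumper* wtap_dump_open(const char *filename, int filetype, int encap,
				int snaplen, int *err)
{
	wtap_dumper *wdh;
	FILE *fh;

	/* Check whether we can open a capture file with that file type
	   and that encapsulation. */
	if (!wtap_dump_open_check(filetype, encap, err))
		return NULL;

	/* Allocate a data structure for the output stream. */
	wdh = wtap_dump_alloc_wdh(filetype, encap, snaplen, err);
	if (wdh == NULL)
		return NULL;	/* couldn't allocate it */

	/* In case "fopen()" fails but doesn't set "errno", set "errno"
	   to a generic "the open failed" error. */
	errno = WTAP_ERR_CANT_OPEN;
	fh = fopen(filename, "wb");
	if (fh == NULL) {
		/* Save errno before anything else can change it. */
		*err = errno;
		/* The handle was never handed out; don't leak it. */
		g_free(wdh);
		return NULL;	/* can't create file */
	}
	wdh->fh = fh;

	if (!wtap_dump_open_finish(wdh, filetype, encap, snaplen, err)) {
		/* wtap_dump_open_finish() has already closed the stream
		   and freed the handle.  Get rid of the file we created;
		   we couldn't finish opening it. */
		unlink(filename);
		return NULL;
	}
	return wdh;
}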
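/*
 * Open a capture file for writing on an already-open file descriptor.
 *
 * fd       - descriptor open for writing
 * filetype - WTAP_FILE_* type to write
 * encap    - encapsulation of the packets to be written
 * snaplen  - snapshot length recorded in the handle
 * err      - set to an error code on failure
 *
 * Returns the new dumper handle, or NULL on failure.
 *
 * Ownership of fd on failure depends on how far the open got: if the
 * type/encapsulation check, the allocation or fdopen() fails, fd is left
 * open and still belongs to the caller; if the format-specific open fails
 * afterwards, wtap_dump_open_finish() closes the stream, and fd with it.
 */
wtap_dumper* wtap_dump_fdopen(int fd, int filetype, int encap, int snaplen,
				int *err)
{
	wtap_dumper *wdh;
	FILE *fh;

	/* Check whether we can open a capture file with that file type
	   and that encapsulation. */
	if (!wtap_dump_open_check(filetype, encap, err))
		return NULL;

	/* Allocate a data structure for the output stream. */
	wdh = wtap_dump_alloc_wdh(filetype, encap, snaplen, err);
	if (wdh == NULL)
		return NULL;	/* couldn't allocate it */

	/* In case "fdopen()" fails but doesn't set "errno", set "errno"
	   to a generic "the open failed" error. */
	errno = WTAP_ERR_CANT_OPEN;
	fh = fdopen(fd, "wb");
	if (fh == NULL) {
		/* Save errno before anything else can change it. */
		*err = errno;
		/* The handle was never handed out; don't leak it. */
		g_free(wdh);
		return NULL;	/* can't create standard I/O stream */
	}
	wdh->fh = fh;

	/* On failure the stream has been closed and the handle freed. */
	if (!wtap_dump_open_finish(wdh, filetype, encap, snaplen, err))
		return NULL;
	return wdh;
}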
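/*
 * Check that a capture file of the given type can be written with the
 * given encapsulation.
 *
 * Returns TRUE if so.  Otherwise returns FALSE with *err set to
 * WTAP_ERR_UNSUPPORTED_FILE_TYPE for a type that is invalid or can't be
 * written, or to the error returned by the type's can_write_encap routine.
 */
static gboolean wtap_dump_open_check(int filetype, int encap, int *err)
{
	/* wtap_dump_can_open() validates the index and the dump_open
	   routine only; also require can_write_encap, so that a table
	   entry with one routine but not the other can't lead to a call
	   through a null pointer below. */
	if (!wtap_dump_can_open(filetype) ||
	    dump_open_table[filetype].can_write_encap == NULL) {
		/* Invalid type, or type we don't know how to write. */
		*err = WTAP_ERR_UNSUPPORTED_FILE_TYPE;
		return FALSE;
	}

	/* OK, we know how to write that type; can we write the specified
	   encapsulation type? */
	*err = (*dump_open_table[filetype].can_write_encap)(filetype, encap);
	if (*err != 0)
		return FALSE;

	/* All systems go! */
	return TRUE;
}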
/*
 * Allocate a dumper handle and fill in the fields that don't depend on
 * the output stream.
 *
 * The stream pointer, the format's private data and the per-format write
 * and close routines all start out NULL; the caller sets the stream and
 * then runs the format-specific open.  Returns NULL with *err set from
 * errno if the allocation fails.
 */
static wtap_dumper* wtap_dump_alloc_wdh(int filetype, int encap, int snaplen,
					int *err)
{
	wtap_dumper *dumper = g_malloc(sizeof *dumper);

	/* NOTE(review): GLib's g_malloc() normally aborts rather than
	   returning NULL, so this branch is presumably defensive. */
	if (dumper == NULL) {
		*err = errno;
		return NULL;
	}

	/* What is being written... */
	dumper->file_type = filetype;
	dumper->encap = encap;
	dumper->snaplen = snaplen;

	/* ...and the parts that get filled in later. */
	dumper->fh = NULL;
	dumper->dump.opaque = NULL;
	dumper->subtype_write = NULL;
	dumper->subtype_close = NULL;

	return dumper;
}
/*
 * Run the format-specific open on a handle whose stream is already set.
 *
 * filetype selects the dump_open routine from dump_open_table and is not
 * range-checked here; both callers in this file run
 * wtap_dump_open_check() on it first.  encap and snaplen are accepted but
 * not used in this routine.
 *
 * Returns TRUE on success.  On failure the stream is closed, wdh is freed
 * and FALSE is returned, so the caller must not touch wdh again.
 */
static gboolean wtap_dump_open_finish(wtap_dumper *wdh, int filetype,
				      int encap, int snaplen, int *err)
{
	/* Now try to open the file for writing. */
	if ((*dump_open_table[filetype].dump_open)(wdh, err))
		return TRUE;	/* success! */

	/* The attempt failed.  Close the stream for the file.
	   NOTE: this means the FD handed to "wtap_dump_fdopen()"
	   will be closed if the open fails. */
	fclose(wdh->fh);

	/* Now free up the dumper handle. */
	g_free(wdh);
	return FALSE;
}
/*
 * Return the standard I/O stream the dumper writes to.
 *
 * The stream is still held by the handle; this only hands back the
 * pointer stored in it.
 */
FILE* wtap_dump_file(wtap_dumper *wdh)
{
	FILE *stream = wdh->fh;

	return stream;
}
/*
 * Write one packet through the format-specific write routine stored in
 * the handle.
 *
 * All arguments are passed to wdh->subtype_write unchanged, and its
 * result is returned as is.  subtype_write starts out NULL in a freshly
 * allocated handle and is not checked here, so wdh must come from a
 * successful open.
 */
gboolean wtap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
    const union wtap_pseudo_header *pseudo_header, const u_char *pd, int *err)
{
	gboolean written;

	written = (wdh->subtype_write)(wdh, phdr, pseudo_header, pd, err);
	return written;
}
/*
 * Finish a dump: run the format's close hook, close the stream and free
 * the handle.
 *
 * wdh  dump handle; it is freed before returning, together with
 *      wdh->dump.opaque when that is set, so it must not be used again.
 * err  passed through to the close hook; additionally receives errno when
 *      the hook succeeded (or is absent) but fclose() failed.  May be NULL
 *      as far as this function is concerned.
 *
 * Returns TRUE only if both the close hook (when there is one) and
 * fclose() succeeded.  If the hook failed, a later fclose() failure does
 * not overwrite whatever the hook left in *err.
 *
 * fclose() flushes buffered output, so a FALSE return can mean the end of
 * the capture never reached the file; callers should check the result.
 */
gboolean
wtap_dump_close(wtap_dumper *wdh, int *err)
{
	gboolean subtype_ok;
	gboolean stream_ok;

	/* A format without a close routine counts as a successful close. */
	subtype_ok = (wdh->subtype_close == NULL) ||
	    (*wdh->subtype_close)(wdh, err);

	/*
	 * errno is preset before the call -- presumably so that an fclose()
	 * failure which leaves errno untouched is still reported as
	 * WTAP_ERR_CANT_CLOSE rather than as a stale value.
	 */
	errno = WTAP_ERR_CANT_CLOSE;
	stream_ok = (fclose(wdh->fh) != EOF);

	/*
	 * Report the fclose() failure only when it is the first error, and
	 * only if the caller supplied somewhere to put it.
	 */
	if (!stream_ok && subtype_ok && err != NULL)
		*err = errno;

	/* Release per-format private data, then the handle itself. */
	if (wdh->dump.opaque != NULL)
		g_free(wdh->dump.opaque);
	g_free(wdh);

	return (subtype_ok && stream_ok) ? TRUE : FALSE;
}