1998-11-12 06:01:27 +00:00
|
|
|
/* file.c
|
|
|
|
*
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
* $Id: file.c,v 1.14 1999/08/18 04:17:37 guy Exp $
|
1998-11-12 06:01:27 +00:00
|
|
|
*
|
|
|
|
* Wiretap Library
|
|
|
|
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*
|
|
|
|
*/
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
#include "config.h"
|
|
|
|
#endif
|
1998-11-12 00:06:47 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <string.h>
|
1998-11-12 23:29:34 +00:00
|
|
|
#include <stdlib.h>
|
1999-08-15 06:59:13 +00:00
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <errno.h>
|
1998-11-12 00:06:47 +00:00
|
|
|
#include "wtap.h"
|
1999-03-01 18:57:07 +00:00
|
|
|
#include "buffer.h"
|
1998-11-12 06:01:27 +00:00
|
|
|
#include "lanalyzer.h"
|
|
|
|
#include "ngsniffer.h"
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
#include "radcom.h"
|
1998-11-15 05:29:17 +00:00
|
|
|
#include "libpcap.h"
|
|
|
|
#include "snoop.h"
|
1999-01-02 06:10:55 +00:00
|
|
|
#include "iptrace.h"
|
1999-01-17 09:33:15 +00:00
|
|
|
#include "netmon.h"
|
1999-02-20 06:49:27 +00:00
|
|
|
#include "netxray.h"
|
1998-11-12 00:06:47 +00:00
|
|
|
|
|
|
|
/* The open_file_* routines should return the WTAP_FILE_* type
|
|
|
|
* that they are checking for if the file is successfully recognized
|
|
|
|
* as such. If the file is not of that type, the routine should return
|
|
|
|
* WTAP_FILE_UNKNOWN */
|
|
|
|
|
|
|
|
/* Opens a file and prepares a wtap struct */
|
1999-08-15 06:59:13 +00:00
|
|
|
wtap* wtap_open_offline(const char *filename, int *err)
|
1998-11-12 00:06:47 +00:00
|
|
|
{
|
1999-08-15 06:59:13 +00:00
|
|
|
struct stat statb;
|
1998-11-12 00:06:47 +00:00
|
|
|
wtap *wth;
|
|
|
|
|
1999-08-15 06:59:13 +00:00
|
|
|
/* First, make sure the file is valid */
|
|
|
|
if (stat(filename, &statb)) {
|
|
|
|
*err = errno;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
#ifndef WIN32
|
|
|
|
if (! S_ISREG(statb.st_mode) && ! S_ISFIFO(statb.st_mode)) {
|
|
|
|
*err = WTAP_ERR_NOT_REGULAR_FILE;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
1998-11-12 00:06:47 +00:00
|
|
|
wth = (wtap*)malloc(sizeof(wtap));
|
|
|
|
|
|
|
|
/* Open the file */
|
|
|
|
if (!(wth->fh = fopen(filename, "rb"))) {
|
1999-08-15 06:59:13 +00:00
|
|
|
*err = errno;
|
|
|
|
free(wth);
|
1998-11-12 00:06:47 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
/* initialization */
|
|
|
|
wth->file_encap = WTAP_ENCAP_NONE;
|
|
|
|
|
|
|
|
/* Try all file types */
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-01-21 05:03:56 +00:00
|
|
|
/* WTAP_FILE_PCAP */
|
|
|
|
if ((wth->file_type = libpcap_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
1999-01-21 05:03:56 +00:00
|
|
|
/* WTAP_FILE_NGSNIFFER */
|
|
|
|
if ((wth->file_type = ngsniffer_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
|
|
|
}
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
/* WTAP_FILE_RADCOM */
|
|
|
|
if ((wth->file_type = radcom_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
|
|
|
}
|
1999-01-21 05:03:56 +00:00
|
|
|
/* WTAP_FILE_LANALYZER */
|
|
|
|
if ((wth->file_type = lanalyzer_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
|
|
|
}
|
|
|
|
/* WTAP_FILE_SNOOP */
|
|
|
|
if ((wth->file_type = snoop_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
|
|
|
}
|
|
|
|
/* WTAP_FILE_IPTRACE */
|
|
|
|
if ((wth->file_type = iptrace_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
|
|
|
}
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
/* WTAP_FILE_NETMON_xxx */
|
1999-01-21 05:03:56 +00:00
|
|
|
if ((wth->file_type = netmon_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
/* WTAP_FILE_NETXRAY_xxx */
|
1999-02-20 06:49:27 +00:00
|
|
|
if ((wth->file_type = netxray_open(wth)) != WTAP_FILE_UNKNOWN) {
|
|
|
|
goto success;
|
|
|
|
}
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-01-21 05:03:56 +00:00
|
|
|
/* failure: */
|
1998-11-12 00:06:47 +00:00
|
|
|
fclose(wth->fh);
|
|
|
|
free(wth);
|
1999-08-15 06:59:13 +00:00
|
|
|
*err = WTAP_ERR_FILE_UNKNOWN_FORMAT;
|
|
|
|
return NULL;
|
1998-11-12 00:06:47 +00:00
|
|
|
|
|
|
|
success:
|
1999-03-01 18:57:07 +00:00
|
|
|
wth->frame_buffer = g_malloc(sizeof(struct Buffer));
|
|
|
|
buffer_init(wth->frame_buffer, 1500);
|
1998-11-12 00:06:47 +00:00
|
|
|
return wth;
|
|
|
|
}
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
|
|
|
|
|
|
|
|
static wtap_dumper* wtap_dump_open_common(FILE *fh, int filetype,
|
|
|
|
int encap, int snaplen, int *err);
|
|
|
|
|
|
|
|
wtap_dumper* wtap_dump_open(const char *filename, int filetype, int encap,
|
|
|
|
int snaplen, int *err)
|
|
|
|
{
|
|
|
|
FILE *fh;
|
|
|
|
|
|
|
|
/* In case "fopen()" fails but doesn't set "errno", set "errno"
|
|
|
|
to a generic "the open failed" error. */
|
|
|
|
errno = WTAP_ERR_CANT_OPEN;
|
|
|
|
fh = fopen(filename, "w");
|
|
|
|
if (fh == NULL) {
|
|
|
|
*err = errno;
|
|
|
|
return NULL; /* can't create file */
|
|
|
|
}
|
|
|
|
return wtap_dump_open_common(fh, filetype, encap, snaplen, err);
|
|
|
|
}
|
|
|
|
|
|
|
|
wtap_dumper* wtap_dump_fdopen(int fd, int filetype, int encap, int snaplen,
|
|
|
|
int *err)
|
|
|
|
{
|
|
|
|
FILE *fh;
|
|
|
|
|
|
|
|
/* In case "fopen()" fails but doesn't set "errno", set "errno"
|
|
|
|
to a generic "the open failed" error. */
|
|
|
|
errno = WTAP_ERR_CANT_OPEN;
|
|
|
|
fh = fdopen(fd, "w");
|
|
|
|
if (fh == NULL) {
|
|
|
|
*err = errno;
|
|
|
|
return NULL; /* can't create standard I/O stream */
|
|
|
|
}
|
|
|
|
return wtap_dump_open_common(fh, filetype, encap, snaplen, err);
|
|
|
|
}
|
|
|
|
|
|
|
|
static wtap_dumper* wtap_dump_open_common(FILE *fh, int filetype, int encap,
|
|
|
|
int snaplen, int *err)
|
|
|
|
{
|
|
|
|
wtap_dumper *wdh;
|
|
|
|
|
|
|
|
wdh = malloc(sizeof (wtap_dumper));
|
|
|
|
if (wdh == NULL) {
|
|
|
|
*err = errno;
|
|
|
|
/* NOTE: this means the FD handed to "wtap_dump_fdopen()"
|
|
|
|
will be closed if the malloc fails. */
|
|
|
|
fclose(fh);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
wdh->fh = fh;
|
|
|
|
wdh->file_type = filetype;
|
|
|
|
wdh->snaplen = snaplen;
|
|
|
|
wdh->encap = encap;
|
|
|
|
|
|
|
|
switch (filetype) {
|
|
|
|
|
|
|
|
case WTAP_FILE_PCAP:
|
|
|
|
if (!libpcap_dump_open(wdh, err))
|
|
|
|
goto fail;
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
/* We currently only support dumping "libpcap" files */
|
|
|
|
*err = WTAP_ERR_UNSUPPORTED_FILE_TYPE;
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
return wdh;
|
|
|
|
|
|
|
|
fail:
|
|
|
|
free(wdh);
|
|
|
|
fclose(fh);
|
|
|
|
return NULL; /* XXX - provide a reason why we failed */
|
|
|
|
}
|
|
|
|
|
|
|
|
FILE* wtap_dump_file(wtap_dumper *wdh)
|
|
|
|
{
|
|
|
|
return wdh->fh;
|
|
|
|
}
|
|
|
|
|
|
|
|
int wtap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
|
|
|
|
const u_char *pd)
|
|
|
|
{
|
|
|
|
return (wdh->subtype_write)(wdh, phdr, pd);
|
|
|
|
}
|
|
|
|
|
|
|
|
int wtap_dump_close(wtap_dumper *wdh)
|
|
|
|
{
|
|
|
|
int ret = 1;
|
|
|
|
|
|
|
|
if (!(wdh->subtype_close)(wdh))
|
|
|
|
ret = 0;
|
|
|
|
ret = fclose(wdh->fh);
|
|
|
|
if (ret == EOF)
|
|
|
|
ret = 0;
|
|
|
|
free(wdh);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|