osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
wireshark/capture_win_ifnames.c

320 lines
13 KiB
C
Raw Normal View History

From Mike Garratt: Friendly Names for interfaces on Windows Notes on the changes the patch covers: * if_info_t struct: addition of friendly_name * Dumpcap Interface list format changes: + Win32: "dumpcap -D" shows friendly_name in place of descript if known + All: machine interface "dumpcap -D -Z none" includes friendly_name in the list in addition to the existing parameters * interface_options struct: addition of console_display_name + When an interface name is displayed in a console, it will typically be the console_display_name (instead of name). + console_display_name is used as the basis of the autogenerated temp filenames + console_display_name is typically set to the friendly_name if known, otherwise it is set to the interface name * Enhancements to capture_opts_add_iface_opt() (the function which process -i options). + Can now specify the interface using its name and friendly_name + Interface name matching is case insenstive + Name matching first attempts exact matching, then falls back to prefix matching (e.g. dumpcap -i local) + Validates interface names, instead of blindly sending them off to winpcap/libpcap + Interface specification by number is still supported. * capture_opts_trim_iface() has been refactored: + Instead of repeating a decent chunk of the cost in capture_opts_add_iface_opt(), it calls capture_opts_trim_iface() to specify the interface. * introduction of capture_win_ifnames.[ch] (windows only code) + Implements static function GetInterfaceFriendlyNameFromDeviceGuid() - a windows version independant function to convert an interface guid into its friendly name. Uses published api functions on windows vista and higher, but falls back to unpublished API functions on older windows releases. + void get_windows_interface_friendlyname(/* IN */ char *interface_devicename, /* OUT */char **interface_friendlyname); - extracts the GUID from the interface_devicename, then uses GetInterfaceFriendlyNameFromDeviceGuid() to do the resolution * Auto temp filename generation: + Now uses wireshark_pcapng_* or wireshark_pcap_* depending on file format + Basis temp filename format on console_display_name + Win32: if console_display_name is a windows interface guid, extracts numbers from GUID here (instead of in interface option processing) GUI CHANGES: * Dialog that displays when you click the "Manage Interfaces" button (within Capture Options dialog) has been renamed from "Add new interfaces" to "Interface Management" * ui/gtk/capture_dlg.c: new_interfaces_w variable renamed to interface_management_w * Win32: Local Interfaces tab on Interface Management dialog, shows includes friendly name as far left column * Interface Management dialog defaults to larger size on win32 - so it fits without resizing local interfaces tab * Interface Management dialog now saves preferences when you click the apply button (local hidden interfaces was not persisting across restarts) * Tweaks: "Interface Details" dialog (Interface list->Capture Interfaces -> Details): + "Friendly Name" renamed to "NDIS Friendly Name" + Added "OS Friendly Name" to the top of the list * Win32: The "Capture Interfaces" dialog now shows the friendly name instead of device guid * Welcome screen: + The height of the interface list scrollbox dynamically adjusts & updates to the number visible interfaces. Up to 10 interfaces can be listed without a scroll bar, the minimum height is for 2 interfaces. + Win32: now shows just the Friendly Name if known - in place of "Interfacename_Guid:(Description)" svn path=/trunk/; revision=46083
2012-11-19 20:07:27 +00:00
/* capture_win_ifnames.c
* Routines supporting the use of Windows friendly interface names within Wireshark
* Copyright 2011-2012, Mike Garratt <wireshark@evn.co.nz>
*
* $Id$
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#ifdef _WIN32
#include <windows.h>
#include <objbase.h> /* for CLSIDFromString() to convert guid text to a GUID */
#include <tchar.h>
#include <winsock2.h>
#include <iphlpapi.h>
#include <stdio.h>
#include <stdlib.h>
#include <wtap.h>
#include <libpcap.h>
#include <glib.h>
#include <ntddndis.h>
#include "log.h"
#include "capture_ifinfo.h"
#include "capture_win_ifnames.h"
#include "wsutil/file_util.h"
/* Link with ole32.lib - provides CLSIDFromString() to convert guid text to a GUID */
#pragma comment(lib, "ole32.lib")
/**********************************************************************************/
gboolean IsWindowsVistaOrLater()
{
OSVERSIONINFO osvi;
SecureZeroMemory(&osvi, sizeof(OSVERSIONINFO));
osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
if(GetVersionEx(&osvi)){
return osvi.dwMajorVersion >= 6;
}
return FALSE;
}
/**********************************************************************************/
/* The wireshark gui doesn't appear at this stage to support having logging messages
* returned using g_log() before the interface list.
* Below is a generic logging function that can be easily ripped out or configured to
* redirect to g_log() if the behaviour changes in the future.
*/
static void ifnames_log(const gchar *log_domain, GLogLevelFlags log_level, const gchar *format, ...)
{
char buf[16384];
va_list args;
if(log_level!=G_LOG_LEVEL_ERROR){
return;
}
va_start(args, format);
vsnprintf(buf, 16383, format, args);
va_end(args);
fprintf(stderr,"%s\r\n",buf);
}
#define g_log ifnames_log
/**********************************************************************************/
/* Get the Connection Name for the given GUID */
static int GetInterfaceFriendlyNameFromDeviceGuid(__in GUID *guid, __out char **Name)
{
HMODULE hIPHlpApi;
HRESULT status;
WCHAR wName[NDIS_IF_MAX_STRING_SIZE + 1];
HRESULT hr;
gboolean fallbackToUnpublishedApi=TRUE;
gboolean haveInterfaceFriendlyName=FALSE;
/* check we have a parameter */
if(Name==NULL){
return -1;
}
/* Load the ip helper api DLL */
hIPHlpApi = LoadLibrary(TEXT("iphlpapi.dll"));
if (hIPHlpApi == NULL) {
/* Load failed - DLL should always be available in XP+*/
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to load iphlpapi.dll library for interface name lookups, errorcode=0x%08x\n", GetLastError());
return -1;
}
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG, "Loaded iphlpapi.dll library for interface friendly name lookups");
/* Need to convert an Interface GUID to the interface friendly name (e.g. "Local Area Connection")
* The functions required to do this all reside within iphlpapi.dll
* - The preferred approach is to use published API functions (Available since Windows Vista)
* - We do however fallback to trying undocumented API if the published API is not available (Windows XP/2k3 scenario)
*/
if(IsWindowsVistaOrLater()){
/* Published API function prototypes (for Windows Vista/Windows Server 2008+) */
typedef NETIO_STATUS (WINAPI *ProcAddr_CIG2L) (__in CONST GUID *InterfaceGuid, __out PNET_LUID InterfaceLuid);
typedef NETIO_STATUS (WINAPI *ProcAddr_CIL2A) ( __in CONST NET_LUID *InterfaceLuid,__out_ecount(Length) PWSTR InterfaceAlias, __in SIZE_T Length);
/* Attempt to do the conversion using Published API functions */
ProcAddr_CIG2L proc_ConvertInterfaceGuidToLuid=(ProcAddr_CIG2L) GetProcAddress(hIPHlpApi, "ConvertInterfaceGuidToLuid");
if(proc_ConvertInterfaceGuidToLuid!=NULL){
ProcAddr_CIL2A Proc_ConvertInterfaceLuidToAlias=(ProcAddr_CIL2A) GetProcAddress(hIPHlpApi, "ConvertInterfaceLuidToAlias");
if(Proc_ConvertInterfaceLuidToAlias!=NULL){
/* we have our functions ready to go, attempt to convert interface guid->luid->friendlyname */
NET_LUID InterfaceLuid;
hr = proc_ConvertInterfaceGuidToLuid(guid, &InterfaceLuid);
if(hr==NO_ERROR){
/* guid->luid success */
hr = Proc_ConvertInterfaceLuidToAlias(&InterfaceLuid, wName, NDIS_IF_MAX_STRING_SIZE+1);
if(hr==NO_ERROR){
/* luid->friendly name success */
haveInterfaceFriendlyName=TRUE; /* success */
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG,
"converted interface guid to friendly name.");
}else{
/* luid->friendly name failed */
fallbackToUnpublishedApi=FALSE;
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_MESSAGE,
"ConvertInterfaceLuidToAlias failed to convert interface luid to a friendly name, LastErrorCode=0x%08x.", GetLastError());
}
}else{
fallbackToUnpublishedApi=FALSE;
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_MESSAGE,
"ConvertInterfaceGuidToLuid failed to convert interface guid to a luid, LastErrorCode=0x%08x.", GetLastError());
}
}else{
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to find address of ConvertInterfaceLuidToAlias in iphlpapi.dll, LastErrorCode=0x%08x.", GetLastError());
}
}else{
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to find address of ConvertInterfaceGuidToLuid in iphlpapi.dll, LastErrorCode=0x%08x.", GetLastError());
}
}
if(fallbackToUnpublishedApi && !haveInterfaceFriendlyName){
/* Didn't manage to get the friendly name using published api functions
* (most likely cause wireshark is running on Windows XP/Server 2003)
* Retry using nhGetInterfaceNameFromGuid (an older unpublished API function) */
typedef HRESULT (WINAPI *ProcAddr_nhGINFG) (__in GUID *InterfaceGuid, __out PCWSTR InterfaceAlias, __inout DWORD *LengthAddress, wchar_t *a4, wchar_t *a5);
ProcAddr_nhGINFG Proc_nhGetInterfaceNameFromGuid = NULL;
Proc_nhGetInterfaceNameFromGuid = (ProcAddr_nhGINFG) GetProcAddress(hIPHlpApi, "NhGetInterfaceNameFromGuid");
if (Proc_nhGetInterfaceNameFromGuid!= NULL) {
wchar_t *p4=NULL, *p5=NULL;
DWORD NameSize;
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG,
"Unpublished NhGetInterfaceNameFromGuid function located in iphlpapi.dll, looking up friendly name from guid");
/* testing of nhGetInterfaceNameFromGuid indicates the unpublished API function expects the 3rd parameter
* to be the available space in bytes (as compared to wchar's) available in the second parameter buffer
* to receive the friendly name (in unicode format) including the space for the nul termination.*/
NameSize = sizeof(wName);
/* do the guid->friendlyname lookup */
status = Proc_nhGetInterfaceNameFromGuid(guid, wName, &NameSize, p4, p5);
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG,
"nhGetInterfaceNameFromGuidProc status =%d, p4=%d, p5=%d, namesize=%d\n", status, (int)p4, (int)p5, NameSize);
if(status==0){
haveInterfaceFriendlyName=TRUE; /* success */
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG,
"Converted interface guid to friendly name.");
}
}else{
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to locate unpublished NhGetInterfaceNameFromGuid function located in iphlpapi.dll, "
"for looking up interface friendly name, LastErrorCode=0x%08x.", GetLastError());
}
}
/* we have finished with iphlpapi.dll - release it */
FreeLibrary(hIPHlpApi);
if(!haveInterfaceFriendlyName){
/* failed to get the friendly name, nothing further to do */
return -1;
}
/* Get the required buffer size, and then convert the string */
{
int size = WideCharToMultiByte(CP_UTF8, 0, wName, -1, NULL, 0, NULL, NULL);
char *name = (char *) g_malloc(size);
if (name == NULL){
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to allocate memory to convert format of interface friendly name, LastErrorCode=0x%08x.", GetLastError());
return -1;
}
size=WideCharToMultiByte(CP_UTF8, 0, wName, -1, name, size, NULL, NULL);
if(size==0){
/* bytes written == 0, indicating some form of error*/
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Error converting format of interface friendly name, LastErrorCode=0x%08x.", GetLastError());
g_free(name);
return -1;
}
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_MESSAGE, "Friendly name is '%s'", name);
*Name = name;
}
return 0;
}
/**********************************************************************************/
/* returns the interface friendly name for a device name, if it is unable to
* resolve the name, "" is returned */
void get_windows_interface_friendlyname(/* IN */ char *interface_devicename, /* OUT */char **interface_friendlyname)
{
const char* guid_text;
GUID guid;
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG, "test, 1,2,3");
/* ensure we can return a result */
if(interface_friendlyname==NULL){
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_DEBUG, "open_raw_pipe sdfsd");
fflush(stderr);
fflush(stdout);
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"invalid interface_friendlyname parameter to get_windows_interface_friendlyname() function.");
return;
}
/* start on the basis we know nothing */
*interface_friendlyname=NULL;
/* Extract the guid text from the interface device name */
if(strncmp("\\Device\\NPF_", interface_devicename, 12)==0){
guid_text=interface_devicename+12; /* skip over the '\Device\NPF_' prefix, assume the rest is the guid text */
}else{
guid_text=interface_devicename;
}
/*** Convert the guid text the GUID structure */
{
/* Part 1: guid_text to unicode, dynamically allocating sufficent memory for conversion*/
WCHAR wGuidText[39];
HRESULT hr;
int size=39; /* a guid should always been 38 unicode characters in length (+1 for null termination) */
size=MultiByteToWideChar(CP_ACP, 0, guid_text, -1, wGuidText, size);
if(size!=39){
/* guid text to unicode conversion failed */
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed the extract guid from interface devicename, unicode convert result=%d, guid input ='%s', LastErrorCode=0x%08x.",
size, guid_text, GetLastError());
return;
}
/* Part 2: unicode guid text to GUID structure */
hr = CLSIDFromString(wGuidText, (LPCLSID)&guid);
if (hr != S_OK){
/* guid text to unicode conversion failed */
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to convert interface devicename guid to GUID structure, convert result=0x%08x, guid input ='%s', LastErrorCode=0x%08x.",
hr, guid_text, GetLastError());
return;
}
}
/* guid okay, get the interface friendly name associated with the guid */
{
int r=GetInterfaceFriendlyNameFromDeviceGuid(&guid, interface_friendlyname);
if(r!=NO_ERROR){
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_ERROR,
"Failed to retrieve interface friendly name associated with interface '%s', LastErrorCode=0x%08x.",
interface_devicename, GetLastError());
*interface_friendlyname=NULL; /* failed to get friendly name, ensure the ultimate result is NULL */
return;
}
}
/* success */
g_log(LOG_DOMAIN_CAPTURE, G_LOG_LEVEL_MESSAGE,
"\nInterface %s => '%s'\n\n\n", interface_devicename, *interface_friendlyname);
return;
}
#undef g_log
/**************************************************************************************/
#endif