osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Make various names match the name of the systemd journal export block. 

The name of the block, in the pcapng specification is the systemd
Journal Export Block; add "export" after "journal" in various
variable/enum/define names.
This commit is contained in:
Guy Harris 2021-06-17 13:52:45 -07:00
parent 829082c191
commit 6eb3703379
14 changed files with 63 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dumpcap.c
View File

@ -4552,7 +4552,7 @@ capture_loop_write_pcapng_cb(capture_src *pcap_src, const pcapng_block_header_t
global_ld.go = FALSE;
global_ld.err = err;
pcap_src->dropped++;
} else if (bh->block_type == BLOCK_TYPE_EPB || bh->block_type == BLOCK_TYPE_SPB || bh->block_type == BLOCK_TYPE_SYSTEMD_JOURNAL) {
} else if (bh->block_type == BLOCK_TYPE_EPB || bh->block_type == BLOCK_TYPE_SPB || bh->block_type == BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT) {
/* count packet only if we actually have an EPB or SPB */
#if defined(DEBUG_DUMPCAP) || defined(DEBUG_CHILD_DUMPCAP)
ws_info("Wrote a pcapng block type %u of length %d captured on interface %u.",

4
editcap.c
View File

@ -2097,8 +2097,8 @@ main(int argc, char *argv[])
do_mutation = TRUE;
break;
case REC_TYPE_SYSTEMD_JOURNAL:
caplen = rec->rec_header.systemd_journal_header.record_len;
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
caplen = rec->rec_header.systemd_journal_export_header.record_len;
do_mutation = TRUE;
break;
}

2
epan/dissectors/file-pcapng.c
View File

@ -242,7 +242,7 @@ static gboolean pref_dissect_next_layer = FALSE;
#define BLOCK_ENHANCED_PACKET 0x00000006
#define BLOCK_IRIG_TIMESTAMP 0x00000007
#define BLOCK_ARINC_429 0x00000008
#define BLOCK_SYSTEMD_JOURNAL 0x00000009
#define BLOCK_SYSTEMD_JOURNAL_EXPORT 0x00000009
#define BLOCK_DSB 0x0000000a
#define BLOCK_SECTION_HEADER 0x0A0D0D0A
#define BLOCK_DARWIN_PROCESS 0x80000001

6
epan/dissectors/packet-frame.c
View File

@ -384,7 +384,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void*
pinfo->current_proto = "System Call";
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
pinfo->current_proto = "Systemd Journal";
break;
@ -507,7 +507,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void*
pinfo->num, frame_len, frame_plurality);
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
/*
* XXX - we need to rethink what's handled by
* packet-record.c, what's handled by packet-frame.c.
@ -844,7 +844,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void*
}
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
if (systemd_journal_handle) {
call_dissector_with_data(systemd_journal_handle,
tvb, pinfo, parent_tree,

4
epan/dissectors/packet-systemd-journal.c
View File

@ -885,7 +885,7 @@ proto_register_systemd_journal(void)
init_jf_to_hf_map();
}
#define BLOCK_TYPE_SYSTEMD_JOURNAL 0x0000009
#define BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT 0x0000009
void
proto_reg_handoff_systemd_journal(void)
{
@ -894,7 +894,7 @@ proto_reg_handoff_systemd_journal(void)
file_type_subtype_systemd_journal = wtap_name_to_file_type_subtype("systemd_journal");
if (file_type_subtype_systemd_journal != -1)
dissector_add_uint("wtap_fts_rec", file_type_subtype_systemd_journal, sje_handle);
dissector_add_uint("pcapng.block_type", BLOCK_TYPE_SYSTEMD_JOURNAL, sje_handle);
dissector_add_uint("pcapng.block_type", BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT, sje_handle);
// It's possible to ship journal entries over HTTP/HTTPS using
// systemd-journal-remote. Dissecting them on the wire isn't very
// useful since it's easy to end up with a packet containing a

8
epan/frame_data.c
View File

@ -193,13 +193,13 @@ frame_data_init(frame_data *fdata, guint32 num, const wtap_rec *rec,
fdata->cap_len = rec->rec_header.syscall_header.event_filelen;
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
/*
* XXX - is cum_bytes supposed to count non-packet bytes?
*/
fdata->pkt_len = rec->rec_header.systemd_journal_header.record_len;
fdata->cum_bytes = cum_bytes + rec->rec_header.systemd_journal_header.record_len;
fdata->cap_len = rec->rec_header.systemd_journal_header.record_len;
fdata->pkt_len = rec->rec_header.systemd_journal_export_header.record_len;
fdata->cum_bytes = cum_bytes + rec->rec_header.systemd_journal_export_header.record_len;
fdata->cap_len = rec->rec_header.systemd_journal_export_header.record_len;
break;
case REC_TYPE_CUSTOM_BLOCK:

4
epan/packet.c
View File

@ -502,7 +502,7 @@ dissect_record(epan_dissect_t *edt, int file_type_subtype,
record_type = "System Call";
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
record_type = "Systemd Journal Entry";
break;
@ -554,7 +554,7 @@ dissect_record(epan_dissect_t *edt, int file_type_subtype,
edt->pi.pseudo_header = NULL;
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
edt->pi.pseudo_header = NULL;
break;

4
extcap/sdjournal.c
View File

@ -41,7 +41,7 @@
#define SDJOURNAL_VERSION_RELEASE "0"
#define SDJOURNAL_EXTCAP_INTERFACE "sdjournal"
#define BLOCK_TYPE_SYSTEMD_JOURNAL 0x00000009
#define BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT 0x00000009
enum {
EXTCAP_BASE_OPTIONS_ENUM,
@ -81,7 +81,7 @@ static int sdj_dump_entries(sd_journal *jnl, FILE* fp)
uint64_t pkt_rt_ts, mono_ts;
sd_id128_t boot_id;
char boot_id_str[FLD_BOOT_ID_LEN] = FLD_BOOT_ID;
guint32 block_type = BLOCK_TYPE_SYSTEMD_JOURNAL;
guint32 block_type = BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT;
guint32 data_end = 8; // Block type + total length
const void *fld_data;
size_t fld_len;

2
ui/file_dialog.c
View File

@ -69,7 +69,7 @@ get_stats_for_preview(wtap *wth, ws_file_preview_stats *stats,
case REC_TYPE_FT_SPECIFIC_EVENT:
case REC_TYPE_FT_SPECIFIC_REPORT:
case REC_TYPE_SYSCALL:
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
data_records++;
break;
}

30
wiretap/pcapng.c
View File

@ -298,7 +298,7 @@ register_pcapng_block_type_handler(guint block_type, block_reader reader,
case BLOCK_TYPE_CB_NO_COPY:
case BLOCK_TYPE_SYSDIG_EVENT:
case BLOCK_TYPE_SYSDIG_EVENT_V2:
case BLOCK_TYPE_SYSTEMD_JOURNAL:
case BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT:
/*
* Yes; we already handle it, and don't allow a replacement to
* be registeted (if there's a bug in our code, or there's
@ -2628,8 +2628,8 @@ pcapng_read_systemd_journal_export_block(wtap *wth, FILE_T fh, pcapng_block_head
}
}
wblock->rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL;
wblock->rec->rec_header.systemd_journal_header.record_len = entry_length;
wblock->rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT;
wblock->rec->rec_header.systemd_journal_export_header.record_len = entry_length;
wblock->rec->presence_flags = WTAP_HAS_CAP_LEN;
if (have_ts) {
wblock->rec->presence_flags |= WTAP_HAS_TS;
@ -2912,7 +2912,7 @@ pcapng_read_block(wtap *wth, FILE_T fh, pcapng_t *pn,
if (!pcapng_read_sysdig_event_block(fh, &bh, section_info, wblock, err, err_info))
return FALSE;
break;
case(BLOCK_TYPE_SYSTEMD_JOURNAL):
case(BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT):
if (!pcapng_read_systemd_journal_export_block(wth, fh, &bh, pn, wblock, err, err_info))
return FALSE;
break;
@ -4161,23 +4161,23 @@ pcapng_write_systemd_journal_export_block(wtap_dumper *wdh, const wtap_rec *rec,
guint32 pad_len;
/* Don't write anything we're not willing to read. */
if (rec->rec_header.systemd_journal_header.record_len > WTAP_MAX_PACKET_SIZE_STANDARD) {
if (rec->rec_header.systemd_journal_export_header.record_len > WTAP_MAX_PACKET_SIZE_STANDARD) {
*err = WTAP_ERR_PACKET_TOO_LARGE;
return FALSE;
}
if (rec->rec_header.systemd_journal_header.record_len % 4) {
pad_len = 4 - (rec->rec_header.systemd_journal_header.record_len % 4);
if (rec->rec_header.systemd_journal_export_header.record_len % 4) {
pad_len = 4 - (rec->rec_header.systemd_journal_export_header.record_len % 4);
} else {
pad_len = 0;
}
/* write systemd journal export block header */
bh.block_type = BLOCK_TYPE_SYSTEMD_JOURNAL;
bh.block_total_length = (guint32)sizeof(bh) + rec->rec_header.systemd_journal_header.record_len + pad_len + 4;
bh.block_type = BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT;
bh.block_total_length = (guint32)sizeof(bh) + rec->rec_header.systemd_journal_export_header.record_len + pad_len + 4;
ws_debug("writing %u bytes, %u padded",
rec->rec_header.systemd_journal_header.record_len,
rec->rec_header.systemd_journal_export_header.record_len,
bh.block_total_length);
if (!wtap_dump_file_write(wdh, &bh, sizeof bh, err))
@ -4185,9 +4185,9 @@ pcapng_write_systemd_journal_export_block(wtap_dumper *wdh, const wtap_rec *rec,
wdh->bytes_dumped += sizeof bh;
/* write entry data */
if (!wtap_dump_file_write(wdh, pd, rec->rec_header.systemd_journal_header.record_len, err))
if (!wtap_dump_file_write(wdh, pd, rec->rec_header.systemd_journal_export_header.record_len, err))
return FALSE;
wdh->bytes_dumped += rec->rec_header.systemd_journal_header.record_len;
wdh->bytes_dumped += rec->rec_header.systemd_journal_export_header.record_len;
/* write padding (if any) */
if (pad_len != 0) {
@ -5221,7 +5221,7 @@ static gboolean pcapng_dump(wtap_dumper *wdh,
}
break;
case REC_TYPE_SYSTEMD_JOURNAL:
case REC_TYPE_SYSTEMD_JOURNAL_EXPORT:
if (!pcapng_write_systemd_journal_export_block(wdh, rec, pd, err)) {
return FALSE;
}
@ -5442,7 +5442,7 @@ static const struct supported_option_type ft_specific_event_block_options_suppor
};
/* Options for systemd journal entry. */
static const struct supported_option_type systemd_journal_block_options_supported[] = {
static const struct supported_option_type systemd_journal_export_block_options_supported[] = {
{ OPT_COMMENT, MULTIPLE_OPTIONS_SUPPORTED }
};
@ -5472,7 +5472,7 @@ static const struct supported_block_type pcapng_blocks_supported[] = {
{ WTAP_BLOCK_FT_SPECIFIC_EVENT, MULTIPLE_BLOCKS_SUPPORTED, OPTION_TYPES_SUPPORTED(ft_specific_event_block_options_supported) },
/* Multiple systemd journal records. */
{ WTAP_BLOCK_SYSTEMD_JOURNAL, MULTIPLE_BLOCKS_SUPPORTED, OPTION_TYPES_SUPPORTED(systemd_journal_block_options_supported) },
{ WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT, MULTIPLE_BLOCKS_SUPPORTED, OPTION_TYPES_SUPPORTED(systemd_journal_export_block_options_supported) },
/* Multiple custom blocks. */
{ WTAP_BLOCK_CUSTOM_BLOCK, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED },

34
wiretap/pcapng_module.h
View File

@ -15,23 +15,23 @@
*
* XXX - Dear Sysdig People: please add your blocks to the spec!
*/
#define BLOCK_TYPE_SHB 0x0A0D0D0A /* Section Header Block */
#define BLOCK_TYPE_IDB 0x00000001 /* Interface Description Block */
#define BLOCK_TYPE_PB 0x00000002 /* Packet Block (obsolete) */
#define BLOCK_TYPE_SPB 0x00000003 /* Simple Packet Block */
#define BLOCK_TYPE_NRB 0x00000004 /* Name Resolution Block */
#define BLOCK_TYPE_ISB 0x00000005 /* Interface Statistics Block */
#define BLOCK_TYPE_EPB 0x00000006 /* Enhanced Packet Block */
#define BLOCK_TYPE_IRIG_TS 0x00000007 /* IRIG Timestamp Block */
#define BLOCK_TYPE_ARINC_429 0x00000008 /* ARINC 429 in AFDX Encapsulation Information Block */
#define BLOCK_TYPE_SYSTEMD_JOURNAL 0x00000009 /* systemd journal entry */
#define BLOCK_TYPE_DSB 0x0000000A /* Decryption Secrets Block */
#define BLOCK_TYPE_SYSDIG_EVENT 0x00000204 /* Sysdig Event Block */
#define BLOCK_TYPE_SYSDIG_EVF 0x00000208 /* Sysdig Event Block with flags */
#define BLOCK_TYPE_SYSDIG_EVENT_V2 0x00000216 /* Sysdig Event Block version 2 */
#define BLOCK_TYPE_SYSDIG_EVF_V2 0x00000217 /* Sysdig Event Block with flags version 2 */
#define BLOCK_TYPE_CB_COPY 0x00000BAD /* Custom Block which can be copied */
#define BLOCK_TYPE_CB_NO_COPY 0x40000BAD /* Custom Block which should not be copied */
#define BLOCK_TYPE_SHB 0x0A0D0D0A /* Section Header Block */
#define BLOCK_TYPE_IDB 0x00000001 /* Interface Description Block */
#define BLOCK_TYPE_PB 0x00000002 /* Packet Block (obsolete) */
#define BLOCK_TYPE_SPB 0x00000003 /* Simple Packet Block */
#define BLOCK_TYPE_NRB 0x00000004 /* Name Resolution Block */
#define BLOCK_TYPE_ISB 0x00000005 /* Interface Statistics Block */
#define BLOCK_TYPE_EPB 0x00000006 /* Enhanced Packet Block */
#define BLOCK_TYPE_IRIG_TS 0x00000007 /* IRIG Timestamp Block */
#define BLOCK_TYPE_ARINC_429 0x00000008 /* ARINC 429 in AFDX Encapsulation Information Block */
#define BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT 0x00000009 /* systemd journal entry */
#define BLOCK_TYPE_DSB 0x0000000A /* Decryption Secrets Block */
#define BLOCK_TYPE_SYSDIG_EVENT 0x00000204 /* Sysdig Event Block */
#define BLOCK_TYPE_SYSDIG_EVF 0x00000208 /* Sysdig Event Block with flags */
#define BLOCK_TYPE_SYSDIG_EVENT_V2 0x00000216 /* Sysdig Event Block version 2 */
#define BLOCK_TYPE_SYSDIG_EVF_V2 0x00000217 /* Sysdig Event Block with flags version 2 */
#define BLOCK_TYPE_CB_COPY 0x00000BAD /* Custom Block which can be copied */
#define BLOCK_TYPE_CB_NO_COPY 0x40000BAD /* Custom Block which should not be copied */
/* TODO: the following are not yet well defined in the draft spec,
* and do not yet have block type values assigned to them:

6
wiretap/systemd_journal.c
View File

@ -229,9 +229,9 @@ systemd_journal_read_export_entry(FILE_T fh, wtap_rec *rec, Buffer *buf, int *er
return FALSE;
}
rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL;
rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT;
rec->presence_flags = WTAP_HAS_TS|WTAP_HAS_CAP_LEN;
rec->rec_header.systemd_journal_header.record_len = (guint32) fld_end;
rec->rec_header.systemd_journal_export_header.record_len = (guint32) fld_end;
return TRUE;
}
@ -240,7 +240,7 @@ static const struct supported_block_type systemd_journal_blocks_supported[] = {
/*
* We support systemd journal blocks, with no comments or other options.
*/
{ WTAP_BLOCK_SYSTEMD_JOURNAL, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED }
{ WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED }
};
static const struct file_type_subtype_info systemd_journal_info = {

16
wiretap/wtap.h
View File

@ -1207,12 +1207,12 @@ union wtap_pseudo_header {
* option would suffice for this purpose, so nothing needs to be
* added to pcapng for this.)
*/
#define REC_TYPE_PACKET 0 /**< packet */
#define REC_TYPE_FT_SPECIFIC_EVENT 1 /**< file-type-specific event */
#define REC_TYPE_FT_SPECIFIC_REPORT 2 /**< file-type-specific report */
#define REC_TYPE_SYSCALL 3 /**< system call */
#define REC_TYPE_SYSTEMD_JOURNAL 4 /**< systemd journal entry */
#define REC_TYPE_CUSTOM_BLOCK 5 /**< pcapng custom block */
#define REC_TYPE_PACKET 0 /**< packet */
#define REC_TYPE_FT_SPECIFIC_EVENT 1 /**< file-type-specific event */
#define REC_TYPE_FT_SPECIFIC_REPORT 2 /**< file-type-specific report */
#define REC_TYPE_SYSCALL 3 /**< system call */
#define REC_TYPE_SYSTEMD_JOURNAL_EXPORT 4 /**< systemd journal entry */
#define REC_TYPE_CUSTOM_BLOCK 5 /**< pcapng custom block */
typedef struct {
guint32 caplen; /* data length in the file */
@ -1322,7 +1322,7 @@ typedef struct {
typedef struct {
guint32 record_len; /* length of the record */
} wtap_systemd_journal_header;
} wtap_systemd_journal_export_header;
typedef struct {
guint32 length; /* length of the record */
@ -1339,7 +1339,7 @@ typedef struct {
wtap_packet_header packet_header;
wtap_ft_specific_header ft_specific_header;
wtap_syscall_header syscall_header;
wtap_systemd_journal_header systemd_journal_header;
wtap_systemd_journal_export_header systemd_journal_export_header;
wtap_custom_block_header custom_block_header;
} rec_header;
/*

4
wiretap/wtap_opttypes.h
View File

@ -156,7 +156,7 @@ typedef struct wtap_block *wtap_block_t;
* WTAP_BLOCK_PACKET (which corresponds to the Enhanced Packet Block,
* the Simple Packet Block, and the deprecated Packet Block) is not
* currently used; it's reserved for future use. The same applies
* to WTAP_BLOCK_SYSTEMD_JOURNAL.
* to WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT.
*/
typedef enum {
WTAP_BLOCK_SECTION = 0,
@ -167,7 +167,7 @@ typedef enum {
WTAP_BLOCK_PACKET,
WTAP_BLOCK_FT_SPECIFIC_REPORT,
WTAP_BLOCK_FT_SPECIFIC_EVENT,
WTAP_BLOCK_SYSTEMD_JOURNAL,
WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT,
WTAP_BLOCK_CUSTOM_BLOCK,
MAX_WTAP_BLOCK_TYPE_VALUE
} wtap_block_type_t;