search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
regen pidl all: rm epan/dissectors/pidl/*-stamp; pushd epan/dissectors/pidl/ && make...
[wireshark-sm.git] / capture / capture-wpcap.c
blob0e426a20709150a56c4822aec466e7411953e2dd
1 /* capture-wpcap.c
2 * WinPcap/Npcap-specific interfaces for capturing. We load WinPcap/Npcap
3 * at run time, so that we only need one Wireshark binary and one TShark
4 * binary for Windows, regardless of whether WinPcap/Npcap is installed
5 * or not.
6 *
7 * Wireshark - Network traffic analyzer
8 * By Gerald Combs <gerald@wireshark.org>
9 * Copyright 2001 Gerald Combs
10 *
11 * SPDX-License-Identifier: GPL-2.0-or-later
12 */
13
14 #include "config.h"
15
16 #include <wireshark.h>
17
18 #include <windows.h>
19 #include <wchar.h>
20 #include <tchar.h>
21
22 #include <stdio.h>
23
24 #include <ws_attributes.h>
25
26 #include "capture/capture-wpcap.h"
27 #include <wsutil/feature_list.h>
28
29 bool has_wpcap;
30
31 #ifdef HAVE_LIBPCAP
32
33 #include <gmodule.h>
34
35 #include <epan/strutil.h>
36
37 #include "capture/capture_ifinfo.h"
38 #include "capture/capture-pcap-util.h"
39 #include "capture/capture-pcap-util-int.h"
40
41 #include <wsutil/file_util.h>
42 #include <wsutil/strtoi.h>
43 #include <wsutil/ws_assert.h>
44
45 #define MAX_WIN_IF_NAME_LEN 511
46
47 static void (*p_pcap_close) (pcap_t *);
48 static int (*p_pcap_stats) (pcap_t *, struct pcap_stat *);
49 static int (*p_pcap_dispatch) (pcap_t *, int, pcap_handler, unsigned char *);
50 static int (*p_pcap_snapshot) (pcap_t *);
51 static int (*p_pcap_datalink) (pcap_t *);
52 static int (*p_pcap_setfilter) (pcap_t *, struct bpf_program *);
53 static char* (*p_pcap_geterr) (pcap_t *);
54 static int (*p_pcap_compile) (pcap_t *, struct bpf_program *, const char *, int,
55 bpf_u_int32);
56 static int (*p_pcap_compile_nopcap) (int, int, struct bpf_program *, const char *, int,
57 bpf_u_int32);
58 static int (*p_pcap_lookupnet) (const char *, bpf_u_int32 *, bpf_u_int32 *,
59 char *);
60 static pcap_t* (*p_pcap_open_live) (const char *, int, int, int, char *);
61 static int (*p_pcap_loop) (pcap_t *, int, pcap_handler, unsigned char *);
62 static pcap_t* (*p_pcap_open_dead) (int, int);
63 static void (*p_pcap_freecode) (struct bpf_program *);
64 static int (*p_pcap_findalldevs) (pcap_if_t **, char *);
65 static void (*p_pcap_freealldevs) (pcap_if_t *);
66 static int (*p_pcap_datalink_name_to_val) (const char *);
67 static const char *(*p_pcap_datalink_val_to_name) (int);
68 static const char *(*p_pcap_datalink_val_to_description) (int);
69 static void (*p_pcap_breakloop) (pcap_t *);
70 static const char *(*p_pcap_lib_version) (void);
71 static int (*p_pcap_setbuff) (pcap_t *, int dim);
72 static int (*p_pcap_next_ex) (pcap_t *, struct pcap_pkthdr **pkt_header, const u_char **pkt_data);
73 #ifdef HAVE_PCAP_REMOTE
74 static pcap_t* (*p_pcap_open) (const char *, int, int, int,
75 struct pcap_rmtauth *, char *);
76 static int (*p_pcap_findalldevs_ex) (const char *, struct pcap_rmtauth *,
77 pcap_if_t **, char *);
78 static int (*p_pcap_createsrcstr) (char *, int, const char *, const char *,
79 const char *, char *);
80 #endif
81 #ifdef HAVE_PCAP_SETSAMPLING
82 static struct pcap_samp* (*p_pcap_setsampling)(pcap_t *);
83 #endif
84
85 static int (*p_pcap_list_datalinks)(pcap_t *, int **);
86 static int (*p_pcap_set_datalink)(pcap_t *, int);
87
88 #ifdef HAVE_PCAP_FREE_DATALINKS
89 static int (*p_pcap_free_datalinks)(int *);
90 #endif
91
92 static char *(*p_bpf_image)(const struct bpf_insn *, int);
93
94 #ifdef HAVE_PCAP_CREATE
95 static pcap_t *(*p_pcap_create)(const char *, char *);
96 static int (*p_pcap_set_snaplen)(pcap_t *, int);
97 static int (*p_pcap_set_promisc)(pcap_t *, int);
98 static int (*p_pcap_can_set_rfmon)(pcap_t *);
99 static int (*p_pcap_set_rfmon)(pcap_t *, int);
100 static int (*p_pcap_set_timeout)(pcap_t *, int);
101 static int (*p_pcap_set_buffer_size)(pcap_t *, int);
102 static int (*p_pcap_activate)(pcap_t *);
103 static const char *(*p_pcap_statustostr)(int);
104 #endif
105
106 #ifdef HAVE_PCAP_SET_TSTAMP_TYPE
107 static int (*p_pcap_set_tstamp_type)(pcap_t *, int);
108 static int (*p_pcap_set_tstamp_precision)(pcap_t *, int);
109 static int (*p_pcap_get_tstamp_precision)(pcap_t *);
110 static int (*p_pcap_list_tstamp_types)(pcap_t *, int **);
111 static void (*p_pcap_free_tstamp_types)(int *);
112 static int (*p_pcap_tstamp_type_name_to_val)(const char *);
113 static const char * (*p_pcap_tstamp_type_val_to_name)(int);
114 static const char * (*p_pcap_tstamp_type_val_to_description)(int);
115 #endif
116
117 typedef struct {
118 const char *name;
119 void * *ptr;
120 bool optional;
121 } symbol_table_t;
122
123 #define SYM(x, y) { G_STRINGIFY(x) , (void *) &G_PASTE(p_,x), y }
124
125 void
126 load_wpcap(void)
127 {
128
129 /* These are the symbols I need or want from Wpcap */
130 static const symbol_table_t symbols[] = {
131 SYM(pcap_close, false),
132 SYM(pcap_stats, false),
133 SYM(pcap_dispatch, false),
134 SYM(pcap_snapshot, false),
135 SYM(pcap_datalink, false),
136 SYM(pcap_setfilter, false),
137 SYM(pcap_geterr, false),
138 SYM(pcap_compile, false),
139 SYM(pcap_compile_nopcap, false),
140 SYM(pcap_lookupnet, false),
141 #ifdef HAVE_PCAP_REMOTE
142 SYM(pcap_open, false),
143 SYM(pcap_findalldevs_ex, false),
144 SYM(pcap_createsrcstr, false),
145 #endif
146 SYM(pcap_open_live, false),
147 SYM(pcap_open_dead, false),
148 #ifdef HAVE_PCAP_SETSAMPLING
149 SYM(pcap_setsampling, true),
150 #endif
151 SYM(pcap_loop, false),
152 SYM(pcap_freecode, false),
153 SYM(pcap_findalldevs, false),
154 SYM(pcap_freealldevs, false),
155 SYM(pcap_datalink_name_to_val, false),
156 SYM(pcap_datalink_val_to_name, false),
157 SYM(pcap_datalink_val_to_description, false),
158 SYM(pcap_breakloop, false),
159 SYM(pcap_lib_version, false),
160 SYM(pcap_setbuff, true),
161 SYM(pcap_next_ex, true),
162 SYM(pcap_list_datalinks, false),
163 SYM(pcap_set_datalink, false),
164 #ifdef HAVE_PCAP_FREE_DATALINKS
165 SYM(pcap_free_datalinks, true),
166 #endif
167 SYM(bpf_image, false),
168 #ifdef HAVE_PCAP_CREATE
169 SYM(pcap_create, true),
170 SYM(pcap_set_snaplen, true),
171 SYM(pcap_set_promisc, true),
172 SYM(pcap_can_set_rfmon, true),
173 SYM(pcap_set_rfmon, true),
174 SYM(pcap_set_timeout, false),
175 SYM(pcap_set_buffer_size, false),
176 SYM(pcap_activate, true),
177 SYM(pcap_statustostr, true),
178 #endif
179 #ifdef HAVE_PCAP_SET_TSTAMP_TYPE
180 SYM(pcap_set_tstamp_type, true),
181 SYM(pcap_set_tstamp_precision, true),
182 SYM(pcap_get_tstamp_precision, true),
183 SYM(pcap_list_tstamp_types, true),
184 SYM(pcap_free_tstamp_types, true),
185 SYM(pcap_tstamp_type_name_to_val, true),
186 SYM(pcap_tstamp_type_val_to_name, true),
187 SYM(pcap_tstamp_type_val_to_description, true),
188 #endif
189 { NULL, NULL, false }
190 };
191
192 GModule *wh; /* wpcap handle */
193 const symbol_table_t *sym;
194
195 wh = load_wpcap_module();
196
197 if (!wh) {
198 return;
199 }
200
201 sym = symbols;
202 while (sym->name) {
203 if (!g_module_symbol(wh, sym->name, sym->ptr)) {
204 if (sym->optional) {
205 /*
206 * We don't care if it's missing; we just
207 * don't use it.
208 */
209 *sym->ptr = NULL;
210 } else {
211 /*
212 * We require this symbol.
213 */
214 return;
215 }
216 }
217 sym++;
218 }
219
220
221 has_wpcap = true;
222 }
223
224 bool
225 caplibs_have_npcap(void)
226 {
227 return has_wpcap && g_str_has_prefix(p_pcap_lib_version(), "Npcap");
228 }
229
230 bool
231 caplibs_get_npcap_version(unsigned int *major, unsigned int *minor)
232 {
233 const char *version;
234 static const char prefix[] = "Npcap version ";
235
236 if (!has_wpcap)
237 return false; /* we don't have any pcap */
238
239 version = p_pcap_lib_version();
240 if (!g_str_has_prefix(version, prefix))
241 return false; /* we have it, but it's not Npcap */
242
243 /*
244 * This is Npcap; return the major and minor version numbers.
245 * First, skip pas the "Npcap version " prefix.
246 */
247 const char *major_version_number;
248 const char *minor_version_number;
249 const char *p;
250
251 /*
252 * Get the major version number.
253 */
254 major_version_number = version + sizeof prefix - 1;
255 if (!ws_strtou(major_version_number, &p, major))
256 return false; /* not a number */
257 if (*p != '.')
258 return false; /* not followed by a "." */
259 p++; /* skip over the '.' */
260
261 /*
262 * Get the minor version number.
263 */
264 minor_version_number = p;
265 if (!ws_strtou(minor_version_number, &p, minor))
266 return false; /* not a number */
267 if (*p != ',' && *p != '.' && *p != '\0') {
268 /*
269 * Not followed by a comma (to separate from "based on
270 * libpcap ..."), not followed by a period (in case Npcap
271 * ever has a dot-dot release), and not followed by a
272 * '\0' (in case it has only the Npcap version number).
273 */
274 return false;
275 }
276 return true;
277 }
278
279 static char *
280 local_code_page_str_to_utf8(char *str)
281 {
282 ULONG utf16_len;
283 wchar_t *utf16_str;
284 char *utf8_str;
285
286 if (str == NULL) {
287 return NULL;
288 }
289
290 utf16_len = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
291 utf16_str = g_malloc_n(utf16_len, sizeof(wchar_t));
292 MultiByteToWideChar(CP_ACP, 0, str, -1, utf16_str, utf16_len);
293
294 utf8_str = g_utf16_to_utf8(utf16_str, -1, NULL, NULL, NULL);
295
296 g_free(utf16_str);
297 return utf8_str;
298 }
299
300 static void
301 prepare_errbuf(char *errbuf)
302 {
303 ws_assert(errbuf);
304 errbuf[0] = '\0';
305 }
306
307 static void
308 convert_errbuf_to_utf8(char *errbuf)
309 {
310 char *utf8_err;
311 if (errbuf[0] == '\0') {
312 return;
313 }
314 errbuf[PCAP_ERRBUF_SIZE - 1] = '\0';
315 utf8_err = local_code_page_str_to_utf8(errbuf);
316 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s", utf8_err);
317 g_free(utf8_err);
318 }
319
320 static char *
321 cant_load_winpcap_err(const char *app_name)
322 {
323 return ws_strdup_printf(
324 "Unable to load Npcap or WinPcap (wpcap.dll); %s will not be able to\n"
325 "capture packets.\n"
326 "\n"
327 "In order to capture packets Npcap or WinPcap must be installed. See\n"
328 "\n"
329 " https://npcap.com/\n"
330 "\n"
331 "for a downloadable version of Npcap and for instructions on how to\n"
332 "install it.",
333 app_name);
334 }
335
336 void
337 pcap_close(pcap_t *a)
338 {
339 ws_assert(has_wpcap);
340 p_pcap_close(a);
341 }
342
343 int
344 pcap_stats(pcap_t *a, struct pcap_stat *b)
345 {
346 ws_assert(has_wpcap);
347 return p_pcap_stats(a, b);
348 }
349
350 int
351 pcap_dispatch(pcap_t *a, int b, pcap_handler c, unsigned char *d)
352 {
353 ws_assert(has_wpcap);
354 return p_pcap_dispatch(a, b, c, d);
355 }
356
357 int
358 pcap_snapshot(pcap_t *a)
359 {
360 ws_assert(has_wpcap);
361 return p_pcap_snapshot(a);
362 }
363
364 int
365 pcap_datalink(pcap_t *a)
366 {
367 ws_assert(has_wpcap);
368 return p_pcap_datalink(a);
369 }
370
371 int
372 pcap_set_datalink(pcap_t *p, int dlt)
373 {
374 ws_assert(has_wpcap);
375 return p_pcap_set_datalink(p, dlt);
376 }
377
378 int
379 pcap_setfilter(pcap_t *a, struct bpf_program *b)
380 {
381 ws_assert(has_wpcap);
382 return p_pcap_setfilter(a, b);
383 }
384
385 char*
386 pcap_geterr(pcap_t *a)
387 {
388 char *errbuf;
389 ws_assert(has_wpcap);
390 errbuf = p_pcap_geterr(a);
391 convert_errbuf_to_utf8(errbuf);
392 return errbuf;
393 }
394
395 int
396 pcap_compile(pcap_t *a, struct bpf_program *b, const char *c, int d,
397 bpf_u_int32 e)
398 {
399 ws_assert(has_wpcap);
400 return p_pcap_compile(a, b, c, d, e);
401 }
402
403 int
404 pcap_compile_nopcap(int a, int b, struct bpf_program *c, const char *d, int e,
405 bpf_u_int32 f)
406 {
407 ws_assert(has_wpcap);
408 return p_pcap_compile_nopcap(a, b, c, d, e, f);
409 }
410
411 int
412 pcap_lookupnet(const char *a, bpf_u_int32 *b, bpf_u_int32 *c, char *errbuf)
413 {
414 int ret;
415 ws_assert(has_wpcap);
416 ret = p_pcap_lookupnet(a, b, c, errbuf);
417 if (ret == -1)
418 convert_errbuf_to_utf8(errbuf);
419 return ret;
420 }
421
422 pcap_t*
423 pcap_open_live(const char *a, int b, int c, int d, char *errbuf)
424 {
425 pcap_t *p;
426 if (!has_wpcap) {
427 snprintf(errbuf, PCAP_ERRBUF_SIZE,
428 "unable to load Npcap or WinPcap (wpcap.dll); can't open %s to capture",
429 a);
430 return NULL;
431 }
432 prepare_errbuf(errbuf);
433 p = p_pcap_open_live(a, b, c, d, errbuf);
434 convert_errbuf_to_utf8(errbuf);
435 return p;
436 }
437
438 pcap_t*
439 pcap_open_dead(int a, int b)
440 {
441 if (!has_wpcap) {
442 return NULL;
443 }
444 return p_pcap_open_dead(a, b);
445 }
446
447 char *
448 bpf_image(const struct bpf_insn *a, int b)
449 {
450 if (!has_wpcap) {
451 return NULL;
452 }
453 return p_bpf_image(a, b);
454 }
455
456 #ifdef HAVE_PCAP_REMOTE
457 pcap_t*
458 pcap_open(const char *a, int b, int c, int d, struct pcap_rmtauth *e, char *errbuf)
459 {
460 pcap_t *ret;
461 if (!has_wpcap) {
462 snprintf(errbuf, PCAP_ERRBUF_SIZE,
463 "unable to load Npcap or WinPcap (wpcap.dll); can't open %s to capture",
464 a);
465 return NULL;
466 }
467 prepare_errbuf(errbuf);
468 ret = p_pcap_open(a, b, c, d, e, errbuf);
469 convert_errbuf_to_utf8(errbuf);
470 return ret;
471 }
472
473 int
474 ws_pcap_findalldevs_ex(const char *a, struct pcap_rmtauth *b, pcap_if_t **c, char *errbuf)
475 {
476 int ret;
477 ws_assert(has_wpcap);
478 ret = p_pcap_findalldevs_ex(a, b, c, errbuf);
479 if (ret == -1)
480 convert_errbuf_to_utf8(errbuf);
481 return ret;
482 }
483
484 int
485 pcap_createsrcstr(char *a, int b, const char *c, const char *d, const char *e,
486 char *errbuf)
487 {
488 int ret;
489 ws_assert(has_wpcap);
490 ret = p_pcap_createsrcstr(a, b, c, d, e, errbuf);
491 if (ret == -1)
492 convert_errbuf_to_utf8(errbuf);
493 return ret;
494 }
495 #endif
496
497 #ifdef HAVE_PCAP_SETSAMPLING
498 struct pcap_samp *
499 pcap_setsampling(pcap_t *a)
500 {
501 ws_assert(has_wpcap);
502 if (p_pcap_setsampling != NULL) {
503 return p_pcap_setsampling(a);
504 }
505 return NULL;
506 }
507 #endif
508
509 int
510 pcap_loop(pcap_t *a, int b, pcap_handler c, unsigned char *d)
511 {
512 ws_assert(has_wpcap);
513 return p_pcap_loop(a, b, c, d);
514 }
515
516 void
517 pcap_freecode(struct bpf_program *a)
518 {
519 ws_assert(has_wpcap);
520 p_pcap_freecode(a);
521 }
522
523 int
524 pcap_findalldevs(pcap_if_t **a, char *errbuf)
525 {
526 int ret;
527 ws_assert(has_wpcap);
528 ret = p_pcap_findalldevs(a, errbuf);
529 if (ret == -1)
530 convert_errbuf_to_utf8(errbuf);
531 return ret;
532 }
533
534 void
535 pcap_freealldevs(pcap_if_t *a)
536 {
537 ws_assert(has_wpcap);
538 p_pcap_freealldevs(a);
539 }
540
541 #ifdef HAVE_PCAP_CREATE
542 pcap_t *
543 pcap_create(const char *a, char *errbuf)
544 {
545 pcap_t *p;
546 ws_assert(has_wpcap && p_pcap_create != NULL);
547 p = p_pcap_create(a, errbuf);
548 if (p == NULL)
549 convert_errbuf_to_utf8(errbuf);
550 return p;
551 }
552
553 int
554 pcap_set_snaplen(pcap_t *a, int b)
555 {
556 ws_assert(has_wpcap && p_pcap_set_snaplen != NULL);
557 return p_pcap_set_snaplen(a, b);
558 }
559
560 int
561 pcap_set_promisc(pcap_t *a, int b)
562 {
563 ws_assert(has_wpcap && p_pcap_set_promisc != NULL);
564 return p_pcap_set_promisc(a, b);
565 }
566
567 int
568 pcap_can_set_rfmon(pcap_t *a)
569 {
570 ws_assert(has_wpcap);
571 if (p_pcap_can_set_rfmon != NULL) {
572 return p_pcap_can_set_rfmon(a);
573 }
574 return 0;
575 }
576
577 int
578 pcap_set_rfmon(pcap_t *a, int b)
579 {
580 ws_assert(has_wpcap);
581 if (p_pcap_set_rfmon != NULL) {
582 return p_pcap_set_rfmon(a, b);
583 }
584
585 /*
586 * This routine is in WinPcap 4.1.x but is not exported, so
587 * it won't be found. Most other libpcap 1.0 routines are
588 * present, so it might get called.
589 *
590 * Silently pretend to succeed, rather than crashing by
591 * dereferencing a null pointer.
592 */
593 return 0;
594 }
595
596 int
597 pcap_set_timeout(pcap_t *a, int b)
598 {
599 ws_assert(has_wpcap && p_pcap_set_timeout != NULL);
600 return p_pcap_set_timeout(a, b);
601 }
602 int
603 pcap_set_buffer_size(pcap_t *a, int b)
604 {
605 ws_assert(has_wpcap && p_pcap_set_buffer_size != NULL);
606 return p_pcap_set_buffer_size(a, b);
607 }
608
609 int
610 pcap_activate(pcap_t *a)
611 {
612 ws_assert(has_wpcap && p_pcap_activate != NULL);
613 return p_pcap_activate(a);
614
615 }
616
617 const char *
618 pcap_statustostr(int a)
619 {
620 static char ebuf[15 + 10 + 1];
621
622 ws_assert(has_wpcap);
623 if (p_pcap_statustostr != NULL) {
624 return p_pcap_statustostr(a);
625 }
626
627 /*
628 * This routine is in WinPcap 4.1.x but is not exported, so
629 * it won't be found. Most other libpcap 1.0 routines are
630 * present, so it might get called.
631 *
632 * Return an error message that reports the status value
633 * and indicates that, without pcap_statustostr(), it
634 * can't be translated to a message, rather than crashing
635 * by dereferencing a null pointer.
636 *
637 * XXX - copy routine from pcap.c ???
638 */
639 (void)snprintf(ebuf, sizeof ebuf, "Don't have pcap_statustostr(), can't translate error: %d", a);
640 return ebuf;
641 }
642 #endif
643
644 #ifdef HAVE_PCAP_SET_TSTAMP_TYPE
645 int
646 pcap_set_tstamp_type(pcap_t *a, int b) {
647 ws_assert(has_wpcap);
648 if (p_pcap_set_tstamp_type != NULL) {
649 return p_pcap_set_tstamp_type(a, b);
650 }
651 return PCAP_ERROR_CANTSET_TSTAMP_TYPE;
652 }
653
654 int
655 pcap_set_tstamp_precision(pcap_t *a, int b) {
656 ws_assert(has_wpcap);
657 if (p_pcap_set_tstamp_precision != NULL) {
658 return p_pcap_set_tstamp_precision(a, b);
659 }
660 // No error code defined so return NOTSUP.
661 return PCAP_ERROR_TSTAMP_PRECISION_NOTSUP;
662 }
663
664 int
665 pcap_get_tstamp_precision(pcap_t *a) {
666 ws_assert(has_wpcap);
667 if (p_pcap_get_tstamp_precision != NULL) {
668 return p_pcap_get_tstamp_precision(a);
669 }
670 // No error code defined so return MICRO.
671 return PCAP_TSTAMP_PRECISION_MICRO;
672 }
673
674 int
675 pcap_list_tstamp_types(pcap_t *a, int **b) {
676 ws_assert(has_wpcap);
677 if (p_pcap_list_tstamp_types != NULL) {
678 return p_pcap_list_tstamp_types(a, b);
679 }
680 return PCAP_ERROR;
681 }
682
683 void
684 pcap_free_tstamp_types(int *a) {
685 ws_assert(has_wpcap);
686 if (p_pcap_free_tstamp_types != NULL) {
687 p_pcap_free_tstamp_types(a);
688 }
689 }
690
691 int
692 pcap_tstamp_type_name_to_val(const char *a) {
693 ws_assert(has_wpcap);
694 if (p_pcap_tstamp_type_name_to_val != NULL) {
695 return p_pcap_tstamp_type_name_to_val(a);
696 }
697 return PCAP_ERROR;
698 }
699
700 const char *
701 pcap_tstamp_type_val_to_name(int a) {
702 ws_assert(has_wpcap);
703 if (p_pcap_tstamp_type_val_to_name != NULL) {
704 return p_pcap_tstamp_type_val_to_name(a);
705 }
706 return NULL;
707 }
708
709 const char *
710 pcap_tstamp_type_val_to_description(int a) {
711 ws_assert(has_wpcap);
712 if (p_pcap_tstamp_type_val_to_description != NULL) {
713 return p_pcap_tstamp_type_val_to_description(a);
714 }
715 return NULL;
716 }
717 #endif
718
719 int
720 pcap_datalink_name_to_val(const char *name)
721 {
722 if (has_wpcap)
723 return p_pcap_datalink_name_to_val(name);
724 else
725 return -1;
726 }
727
728 int
729 pcap_list_datalinks(pcap_t *p, int **ddlt)
730 {
731 if (has_wpcap)
732 return p_pcap_list_datalinks(p, ddlt);
733 else
734 return -1;
735 }
736
737 #ifdef HAVE_PCAP_FREE_DATALINKS
738 void
739 pcap_free_datalinks(int *ddlt)
740 {
741 ws_assert(has_wpcap);
742
743 /*
744 * If we don't have pcap_free_datalinks() in WinPcap,
745 * we don't free the memory - we can't use free(), as
746 * we might not have been built with the same version
747 * of the C runtime library as WinPcap was, and, if we're
748 * not, free() isn't guaranteed to work on something
749 * allocated by WinPcap.
750 */
751 if (p_pcap_free_datalinks != NULL)
752 p_pcap_free_datalinks(ddlt);
753 }
754 #endif
755
756 const char *
757 pcap_datalink_val_to_name(int dlt)
758 {
759 if (has_wpcap)
760 return p_pcap_datalink_val_to_name(dlt);
761 else
762 return NULL;
763 }
764
765 const char *
766 pcap_datalink_val_to_description(int dlt)
767 {
768 if (has_wpcap)
769 return p_pcap_datalink_val_to_description(dlt);
770 return NULL;
771 }
772
773 void pcap_breakloop(pcap_t *a)
774 {
775 p_pcap_breakloop(a);
776 }
777
778 /* setbuff is win32 specific! */
779 int pcap_setbuff(pcap_t *a, int b)
780 {
781 ws_assert(has_wpcap);
782 return p_pcap_setbuff(a, b);
783 }
784
785 int pcap_next_ex(pcap_t *a, struct pcap_pkthdr **b, const u_char **c)
786 {
787 ws_assert(has_wpcap);
788 return p_pcap_next_ex(a, b, c);
789 }
790
791 #ifdef HAVE_PCAP_REMOTE
792 GList *
793 get_remote_interface_list(const char *hostname, const char *port,
794 int auth_type, const char *username,
795 const char *passwd, int *err, char **err_str)
796 {
797 if (!has_wpcap) {
798 /*
799 * We don't have Npcap or WinPcap, so we can't get a list of
800 * interfaces.
801 */
802 *err = DONT_HAVE_PCAP;
803 if (err_str != NULL)
804 *err_str = cant_load_winpcap_err("you");
805 return NULL;
806 }
807
808 return get_interface_list_findalldevs_ex(hostname, port, auth_type,
809 username, passwd, err, err_str);
810 }
811 #endif
812
813 GList *
814 get_interface_list(int *err, char **err_str)
815 {
816 if (!has_wpcap) {
817 /*
818 * We don't have Npcap or WinPcap, so we can't get a list of
819 * interfaces.
820 */
821 *err = DONT_HAVE_PCAP;
822 if (err_str != NULL)
823 *err_str = cant_load_winpcap_err("you");
824 return NULL;
825 }
826
827 return get_interface_list_findalldevs(err, err_str);
828 }
829
830 /*
831 * Get an error message string for a CANT_GET_INTERFACE_LIST error from
832 * "get_interface_list()".
833 */
834 char *
835 cant_get_if_list_error_message(const char *err_str)
836 {
837 /*
838 * If the error message includes "Not enough storage is available
839 * to process this command" or "The operation completed successfully",
840 * suggest that they install a WinPcap version later than 3.0.
841 */
842 if (strstr(err_str, "Not enough storage is available to process this command") != NULL ||
843 strstr(err_str, "The operation completed successfully") != NULL) {
844 return ws_strdup_printf("Can't get list of interfaces: %s\n"
845 "This might be a problem with WinPcap 3.0. You should try updating to\n"
846 "Npcap. See https://npcap.com/ for more information.",
847 err_str);
848 }
849 return ws_strdup_printf("Can't get list of interfaces: %s", err_str);
850 }
851
852 if_capabilities_t *
853 get_if_capabilities_local(interface_options *interface_opts,
854 cap_device_open_status *status, char **status_str)
855 {
856 /*
857 * We're not getting capaibilities for a remote device; use
858 * pcap_create() and pcap_activate() if we have them, so that
859 * we can set various options, otherwise use pcap_open_live().
860 */
861 #ifdef HAVE_PCAP_CREATE
862 if (p_pcap_create != NULL)
863 return get_if_capabilities_pcap_create(interface_opts, status,
864 status_str);
865 #endif
866 return get_if_capabilities_pcap_open_live(interface_opts, status,
867 status_str);
868 }
869
870 pcap_t *
871 open_capture_device_local(capture_options *capture_opts,
872 interface_options *interface_opts, int timeout,
873 cap_device_open_status *open_status,
874 char (*open_status_str)[PCAP_ERRBUF_SIZE])
875 {
876 /*
877 * We're not opening a remote device; use pcap_create() and
878 * pcap_activate() if we have them, so that we can set various
879 * options, otherwise use pcap_open_live().
880 */
881 #ifdef HAVE_PCAP_CREATE
882 if (p_pcap_create != NULL)
883 return open_capture_device_pcap_create(capture_opts,
884 interface_opts, timeout, open_status, open_status_str);
885 #endif
886 return open_capture_device_pcap_open_live(interface_opts, timeout,
887 open_status, open_status_str);
888 }
889
890 /*
891 * Append the WinPcap or Npcap SDK version with which we were compiled to a GString.
892 */
893 void
894 gather_caplibs_compile_info(feature_list l)
895 {
896 with_feature(l, "libpcap");
897 }
898
899 void
900 gather_caplibs_runtime_info(feature_list l)
901 {
902 /*
903 * On Windows, we might have been compiled with WinPcap/Npcap but
904 * might not have it loaded; indicate whether we have it or
905 * not and, if we have it, what version we have.
906 */
907 if (has_wpcap) {
908 with_feature(l, "%s", p_pcap_lib_version());
909 } else
910 without_feature(l, "Npcap or WinPcap");
911 }
912
913 /*
914 * If npf.sys is running, return true.
915 */
916 bool
917 npf_sys_is_running(void)
918 {
919 SC_HANDLE h_scm, h_serv;
920 SERVICE_STATUS ss;
921
922 h_scm = OpenSCManager(NULL, NULL, 0);
923 if (!h_scm)
924 return false;
925
926 h_serv = OpenService(h_scm, _T("npcap"), SC_MANAGER_CONNECT|SERVICE_QUERY_STATUS);
927 if (!h_serv) {
928 h_serv = OpenService(h_scm, _T("npf"), SC_MANAGER_CONNECT|SERVICE_QUERY_STATUS);
929 if (!h_serv) {
930 CloseServiceHandle(h_scm);
931 return false;
932 }
933 }
934
935 if (QueryServiceStatus(h_serv, &ss)) {
936 if (ss.dwCurrentState & SERVICE_RUNNING) {
937 CloseServiceHandle(h_serv);
938 CloseServiceHandle(h_scm);
939 return true;
940 }
941 }
942 CloseServiceHandle(h_serv);
943 CloseServiceHandle(h_scm);
944 return false;
945 }
946
947 #else /* HAVE_LIBPCAP */
948
949 void
950 load_wpcap(void)
951 {
952 return;
953 }
954
955 /*
956 * Append an indication that we were not compiled with WinPcap
957 * to a GString.
958 */
959 void
960 gather_caplibs_compile_info(feature_list l)
961 {
962 without_feature(l, "libpcap");
963 }
964
965 void
966 gather_caplibs_runtime_info(feature_list l _U_)
967 {
968 }
969
970 bool
971 caplibs_have_npcap(void)
972 {
973 return false;
974 }
975
976 #endif /* HAVE_LIBPCAP */
977
978 /*
979 * Editor modelines - https://www.wireshark.org/tools/modelines.html
980 *
981 * Local variables:
982 * c-basic-offset: 8
983 * tab-width: 8
984 * indent-tabs-mode: t
985 * End:
986 *
987 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
988 * :indentSize=8:tabSize=8:noTabs=false:
989 */
Metzes wireshark repo