search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dcerpc-nt: make use of cb_str_postprocess_options() in cb_byte_array_postprocess()
[wireshark-sm.git] / wiretap / wtap-int.h
blobcfc95acfab071c93e70704f844781a621e4dcb64
1 /** @file
2 *
3 * Wiretap Library
4 * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
5 *
6 * SPDX-License-Identifier: GPL-2.0-or-later
7 */
8
9 #ifndef __WTAP_INT_H__
10 #define __WTAP_INT_H__
11
12 #include "wtap.h"
13 #include <time.h>
14
15 #ifdef _WIN32
16 #include <winsock2.h>
17 #endif
18
19 #include <wsutil/array.h>
20 #include <wsutil/file_util.h>
21
22 #include "wtap_opttypes.h"
23
24 void wtap_init_file_type_subtypes(void);
25
26 WS_DLL_PUBLIC
27 int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err);
28
29 typedef bool (*subtype_read_func)(struct wtap*, wtap_rec *,
30 Buffer *, int *, char **, int64_t *);
31 typedef bool (*subtype_seek_read_func)(struct wtap*, int64_t, wtap_rec *,
32 Buffer *, int *, char **);
33
34 /**
35 * Struct holding data of the currently read file.
36 */
37 struct wtap {
38 FILE_T fh;
39 FILE_T random_fh; /**< Secondary FILE_T for random access */
40 bool ispipe; /**< true if the file is a pipe */
41 int file_type_subtype;
42 unsigned snapshot_length;
43 GArray *shb_hdrs;
44 GArray *shb_iface_to_global; /**< An array mapping the per-section interface numbers to global IDs */
45 GArray *interface_data; /**< An array holding the interface data from pcapng IDB:s or equivalent(?)*/
46 unsigned next_interface_data; /**< Next interface data that wtap_get_next_interface_description() will show */
47 GArray *nrbs; /**< holds the Name Res Blocks, or NULL */
48 GArray *dsbs; /**< An array of DSBs (of type wtap_block_t), or NULL if not supported. */
49 GArray *meta_events; /**< An array of meta events (of type wtap_block_t), or NULL if not supported. */
50
51 char *pathname; /**< File pathname; might just be "-" */
52
53 void *priv; /* this one holds per-file state and is free'd automatically by wtap_close() */
54 void *wslua_data; /* this one holds wslua state info and is not free'd */
55
56 subtype_read_func subtype_read;
57 subtype_seek_read_func subtype_seek_read;
58 void (*subtype_sequential_close)(struct wtap*);
59 void (*subtype_close)(struct wtap*);
60 int file_encap; /* per-file, for those
61 * file formats that have
62 * per-file encapsulation
63 * types rather than per-packet
64 * encapsulation types
65 */
66 int file_tsprec; /* per-file timestamp precision
67 * of the fractional part of
68 * the time stamp, for those
69 * file formats that have
70 * per-file timestamp
71 * precision rather than
72 * per-packet timestamp
73 * precision
74 * e.g. WTAP_TSPREC_USEC
75 */
76 wtap_new_ipv4_callback_t add_new_ipv4;
77 wtap_new_ipv6_callback_t add_new_ipv6;
78 wtap_new_secrets_callback_t add_new_secrets;
79 GPtrArray *fast_seek;
80 };
81
82 struct wtap_dumper;
83
84 /*
85 * This could either be a FILE * or a handle used by code that writes
86 * a compressed file.
87 */
88 typedef void *WFILE_T;
89
90 typedef bool (*subtype_add_idb_func)(struct wtap_dumper*, wtap_block_t,
91 int *, char **);
92
93 typedef bool (*subtype_write_func)(struct wtap_dumper*,
94 const wtap_rec *rec,
95 const uint8_t*, int*, char**);
96 typedef bool (*subtype_finish_func)(struct wtap_dumper*, int*, char**);
97
98 struct wtap_dumper {
99 WFILE_T fh;
100 int file_type_subtype;
101 int snaplen;
102 int file_encap; /* per-file, for those
103 * file formats that have
104 * per-file encapsulation
105 * types rather than per-packet
106 * encapsulation types
107 */
108 wtap_compression_type compression_type;
109 bool needs_reload; /* true if the file requires re-loading after saving with wtap */
110 int64_t bytes_dumped;
111
112 void *priv; /* this one holds per-file state and is free'd automatically by wtap_dump_close() */
113 void *wslua_data; /* this one holds wslua state info and is not free'd */
114
115 subtype_add_idb_func subtype_add_idb; /* add an IDB, writing it as necessary */
116 subtype_write_func subtype_write; /* write out a record */
117 subtype_finish_func subtype_finish; /* write out information to finish writing file */
118
119 addrinfo_lists_t *addrinfo_lists; /**< Struct containing lists of resolved addresses */
120 GArray *shb_hdrs;
121 const GArray *shb_iface_to_global; /**< An array mapping the per-section interface numbers to global IDs */
122 GArray *interface_data; /**< An array holding the interface data from pcapng IDB:s or equivalent(?) NULL if not present.*/
123 GArray *dsbs_initial; /**< An array of initial DSBs (of type wtap_block_t) */
124
125 /*
126 * Additional blocks that might grow as data is being collected.
127 * Subtypes should write these blocks before writing new packet blocks.
128 */
129 const GArray *nrbs_growing; /**< A reference to an array of NRBs (of type wtap_block_t) */
130 const GArray *dsbs_growing; /**< A reference to an array of DSBs (of type wtap_block_t) */
131 const GArray *mevs_growing; /**< A reference to an array of Sysdig meta events (of type wtap_block_t) */
132 unsigned nrbs_growing_written; /**< Number of already processed NRBs in nrbs_growing. */
133 unsigned dsbs_growing_written; /**< Number of already processed DSBs in dsbs_growing. */
134 unsigned mevs_growing_written; /**< Number of already processed meta events in mevs_growing. */
135 };
136
137 WS_DLL_PUBLIC bool wtap_dump_file_write(wtap_dumper *wdh, const void *buf,
138 size_t bufsize, int *err);
139 WS_DLL_PUBLIC int64_t wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset, int whence, int *err);
140 WS_DLL_PUBLIC int64_t wtap_dump_file_tell(wtap_dumper *wdh, int *err);
141
142 extern int wtap_num_file_types;
143
144 #include <wsutil/pint.h>
145
146 /* Macros to byte-swap possibly-unaligned 64-bit, 32-bit and 16-bit quantities;
147 * they take a pointer to the quantity, and byte-swap it in place.
148 */
149 #define PBSWAP64(p) \
150 { \
151 uint8_t tmp; \
152 tmp = (p)[7]; \
153 (p)[7] = (p)[0]; \
154 (p)[0] = tmp; \
155 tmp = (p)[6]; \
156 (p)[6] = (p)[1]; \
157 (p)[1] = tmp; \
158 tmp = (p)[5]; \
159 (p)[5] = (p)[2]; \
160 (p)[2] = tmp; \
161 tmp = (p)[4]; \
162 (p)[4] = (p)[3]; \
163 (p)[3] = tmp; \
164 }
165 #define PBSWAP32(p) \
166 { \
167 uint8_t tmp; \
168 tmp = (p)[3]; \
169 (p)[3] = (p)[0]; \
170 (p)[0] = tmp; \
171 tmp = (p)[2]; \
172 (p)[2] = (p)[1]; \
173 (p)[1] = tmp; \
174 }
175 #define PBSWAP16(p) \
176 { \
177 uint8_t tmp; \
178 tmp = (p)[1]; \
179 (p)[1] = (p)[0]; \
180 (p)[0] = tmp; \
181 }
182
183
184 /* Pointer routines to put items out in a particular byte order.
185 * These will work regardless of the byte alignment of the pointer.
186 */
187
188 #ifndef phtons
189 #define phtons(p, v) \
190 { \
191 (p)[0] = (uint8_t)((v) >> 8); \
192 (p)[1] = (uint8_t)((v) >> 0); \
193 }
194 #endif
195
196 #ifndef phton24
197 #define phton24(p, v) \
198 { \
199 (p)[0] = (uint8_t)((v) >> 16); \
200 (p)[1] = (uint8_t)((v) >> 8); \
201 (p)[2] = (uint8_t)((v) >> 0); \
202 }
203 #endif
204
205 #ifndef phtonl
206 #define phtonl(p, v) \
207 { \
208 (p)[0] = (uint8_t)((v) >> 24); \
209 (p)[1] = (uint8_t)((v) >> 16); \
210 (p)[2] = (uint8_t)((v) >> 8); \
211 (p)[3] = (uint8_t)((v) >> 0); \
212 }
213 #endif
214
215 #ifndef phtonll
216 #define phtonll(p, v) \
217 { \
218 (p)[0] = (uint8_t)((v) >> 56); \
219 (p)[1] = (uint8_t)((v) >> 48); \
220 (p)[2] = (uint8_t)((v) >> 40); \
221 (p)[3] = (uint8_t)((v) >> 32); \
222 (p)[4] = (uint8_t)((v) >> 24); \
223 (p)[5] = (uint8_t)((v) >> 16); \
224 (p)[6] = (uint8_t)((v) >> 8); \
225 (p)[7] = (uint8_t)((v) >> 0); \
226 }
227 #endif
228
229 #ifndef phtole8
230 #define phtole8(p, v) \
231 { \
232 (p)[0] = (uint8_t)((v) >> 0); \
233 }
234 #endif
235
236 #ifndef phtoles
237 #define phtoles(p, v) \
238 { \
239 (p)[0] = (uint8_t)((v) >> 0); \
240 (p)[1] = (uint8_t)((v) >> 8); \
241 }
242 #endif
243
244 #ifndef phtole24
245 #define phtole24(p, v) \
246 { \
247 (p)[0] = (uint8_t)((v) >> 0); \
248 (p)[1] = (uint8_t)((v) >> 8); \
249 (p)[2] = (uint8_t)((v) >> 16); \
250 }
251 #endif
252
253 #ifndef phtolel
254 #define phtolel(p, v) \
255 { \
256 (p)[0] = (uint8_t)((v) >> 0); \
257 (p)[1] = (uint8_t)((v) >> 8); \
258 (p)[2] = (uint8_t)((v) >> 16); \
259 (p)[3] = (uint8_t)((v) >> 24); \
260 }
261 #endif
262
263 #ifndef phtolell
264 #define phtolell(p, v) \
265 { \
266 (p)[0] = (uint8_t)((v) >> 0); \
267 (p)[1] = (uint8_t)((v) >> 8); \
268 (p)[2] = (uint8_t)((v) >> 16); \
269 (p)[3] = (uint8_t)((v) >> 24); \
270 (p)[4] = (uint8_t)((v) >> 32); \
271 (p)[5] = (uint8_t)((v) >> 40); \
272 (p)[6] = (uint8_t)((v) >> 48); \
273 (p)[7] = (uint8_t)((v) >> 56); \
274 }
275 #endif
276
277 /*
278 * Read a given number of bytes from a file into a buffer or, if
279 * buf is NULL, just discard them.
280 *
281 * If we succeed, return true.
282 *
283 * If we get an EOF, return false with *err set to 0, reporting this
284 * as an EOF.
285 *
286 * If we get fewer bytes than the specified number, return false with
287 * *err set to WTAP_ERR_SHORT_READ, reporting this as a short read
288 * error.
289 *
290 * If we get a read error, return false with *err and *err_info set
291 * appropriately.
292 */
293 WS_DLL_PUBLIC
294 bool
295 wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err,
296 char **err_info);
297
298 /*
299 * Read a given number of bytes from a file into a buffer or, if
300 * buf is NULL, just discard them.
301 *
302 * If we succeed, return true.
303 *
304 * If we get fewer bytes than the specified number, including getting
305 * an EOF, return false with *err set to WTAP_ERR_SHORT_READ, reporting
306 * this as a short read error.
307 *
308 * If we get a read error, return false with *err and *err_info set
309 * appropriately.
310 */
311 WS_DLL_PUBLIC
312 bool
313 wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err,
314 char **err_info);
315
316 /*
317 * Read packet data into a Buffer, growing the buffer as necessary.
318 *
319 * This returns an error on a short read, even if the short read hit
320 * the EOF immediately. (The assumption is that each packet has a
321 * header followed by raw packet data, and that we've already read the
322 * header, so if we get an EOF trying to read the packet data, the file
323 * has been cut short, even if the read didn't read any data at all.)
324 */
325 WS_DLL_PUBLIC
326 bool
327 wtap_read_packet_bytes(FILE_T fh, Buffer *buf, unsigned length, int *err,
328 char **err_info);
329
330 /*
331 * Implementation of wth->subtype_read that reads the full file contents
332 * as a single packet.
333 */
334 bool
335 wtap_full_file_read(wtap *wth, wtap_rec *rec, Buffer *buf,
336 int *err, char **err_info, int64_t *data_offset);
337
338 /*
339 * Implementation of wth->subtype_seek_read that reads the full file contents
340 * as a single packet.
341 */
342 bool
343 wtap_full_file_seek_read(wtap *wth, int64_t seek_off, wtap_rec *rec, Buffer *buf, int *err, char **err_info);
344
345 /**
346 * Add an IDB to the interface data for a file.
347 */
348 void
349 wtap_add_idb(wtap *wth, wtap_block_t idb);
350
351 /**
352 * Invokes the callback with the given name resolution block.
353 */
354 void
355 wtapng_process_nrb(wtap *wth, wtap_block_t nrb);
356
357 /**
358 * Invokes the callback with the given decryption secrets block.
359 */
360 void
361 wtapng_process_dsb(wtap *wth, wtap_block_t dsb);
362
363 void
364 wtap_register_compatibility_file_subtype_name(const char *old_name,
365 const char *new_name);
366
367 void
368 wtap_register_backwards_compatibility_lua_name(const char *name, int ft);
369
370 struct backwards_compatibiliity_lua_name {
371 const char *name;
372 int ft;
373 };
374
375 WS_DLL_PUBLIC
376 const GArray *get_backwards_compatibility_lua_table(void);
377
378 /**
379 * @brief Gets new section header block for new file, based on existing info.
380 * @details Creates a new wtap_block_t section header block and only
381 * copies appropriate members of the SHB for a new file. In
382 * particular, the comment string is copied, and any custom options
383 * which should be copied are copied. The os, hardware, and
384 * application strings are *not* copied.
385 *
386 * @note Use wtap_free_shb() to free the returned section header.
387 *
388 * @param wth The wiretap session.
389 * @return The new section header, which must be wtap_free_shb'd.
390 */
391 GArray* wtap_file_get_shb_for_new_file(wtap *wth);
392
393 /**
394 * @brief Generate an IDB, given a wiretap handle for the file,
395 * using the file's encapsulation type, snapshot length,
396 * and time stamp resolution, and add it to the interface
397 * data for a file.
398 * @note This requires that the encapsulation type and time stamp
399 * resolution not be per-packet; it will terminate the process
400 * if either of them are.
401 *
402 * @param wth The wiretap handle for the file.
403 */
404 WS_DLL_PUBLIC
405 void wtap_add_generated_idb(wtap *wth);
406
407 /**
408 * @brief Generate an IDB, given a set of dump parameters, using the
409 * parameters' encapsulation type, snapshot length, and time stamp
410 * resolution. For use when a dump file has a given encapsulation type,
411 * and the source is not passing IDBs.
412 * @note This requires that the encapsulation type and time stamp
413 * resolution not be per-packet; it will terminate the process
414 * if either of them are.
415 *
416 * @param params The wtap dump parameters.
417 */
418
419 wtap_block_t wtap_dump_params_generate_idb(const wtap_dump_params *params);
420
421 /**
422 * @brief Generate an IDB, given a packet record, using the records's
423 * encapsulation type and time stamp resolution, and the default
424 * snap length for the encapsulation type. For use when a file has
425 * per-packet encapsulation, and the source is not passing along IDBs.
426 * @note This requires that the record type be REC_TYPE_PACKET, and the
427 * encapsulation type and time stamp resolution not be per-packet;
428 * it will terminate the process if any of them are.
429 *
430 * @param rec The packet record.
431 */
432 wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec);
433
434 /**
435 * @brief Gets new name resolution info for new file, based on existing info.
436 * @details Creates a new wtap_block_t of name resolution info and only
437 * copies appropriate members for a new file.
438 *
439 * @note Use wtap_free_nrb() to free the returned pointer.
440 *
441 * @param wth The wiretap session.
442 * @return The new name resolution info, which must be freed.
443 */
444 GArray* wtap_file_get_nrb_for_new_file(wtap *wth);
445
446 #endif /* __WTAP_INT_H__ */
447
448 /*
449 * Editor modelines - https://www.wireshark.org/tools/modelines.html
450 *
451 * Local variables:
452 * c-basic-offset: 4
453 * tab-width: 8
454 * indent-tabs-mode: nil
455 * End:
456 *
457 * vi: set shiftwidth=4 tabstop=8 expandtab:
458 * :indentSize=4:tabSize=8:noTabs=true:
459 */
Metzes wireshark repo