search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
add WERR_INVALID_STATE
[wireshark-wip.git] / wiretap / vms.c
blob50582940be25c0e40d641e39c82a5648789e0d04
1 /* vms.c
2 *
3 * $Id$
4 *
5 * Wiretap Library
6 * Copyright (c) 2001 by Marc Milgram <ethereal@mmilgram.NOSPAMmail.net>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22
23 /* Notes:
24 * TCPIPtrace TCP fragments don't have the header line. So, we are never
25 * to look for that line for the first line of a packet except the first
26 * packet. This allows us to read fragmented packets. Define
27 * TCPIPTRACE_FRAGMENTS_HAVE_HEADER_LINE to expect the first line to be
28 * at the start of every packet.
29 */
30 #include "config.h"
31 #include "wtap-int.h"
32 #include "buffer.h"
33 #include "vms.h"
34 #include "file_wrappers.h"
35
36 #include <stdio.h>
37 #include <stdlib.h>
38 #include <string.h>
39 #include <ctype.h>
40
41 /* This module reads the output of the various VMS TCPIP trace utilities
42 * such as TCPIPTRACE, TCPTRACE and UCX$TRACE
43 *
44 * It was initially based on toshiba.c and refined with code from cosine.c
45
46 --------------------------------------------------------------------------------
47 Example TCPIPTRACE TCPTRACE output data:
48
49 TCPIPtrace full display RCV packet 8 at 10-JUL-2001 14:54:19.56
50
51 IP Version = 4, IHL = 5, TOS = 00, Total Length = 84 = ^x0054
52 IP Identifier = ^x178F, Flags (0=0,DF=0,MF=0),
53 Fragment Offset = 0 = ^x0000, Calculated Offset = 0 = ^x0000
54 IP TTL = 64 = ^x40, Protocol = 17 = ^x11, Header Checksum = ^x4C71
55 IP Source Address = 10.12.1.80
56 IP Destination Address = 10.12.1.50
57
58 UDP Source Port = 731, UDP Destination Port = 111
59 UDP Header and Datagram Length = 64 = ^x0040, Checksum = ^xB6C0
60
61 50010C0A 714C1140 00008F17 54000045 0000 E..T....@.Lq...P
62 27E54C3C | C0B64000 6F00DB02 | 32010C0A 0010 ...2...o.@..<L.'
63 02000000 A0860100 02000000 00000000 0020 ................
64 00000000 00000000 00000000 03000000 0030 ................
65 06000000 01000000 A5860100 00000000 0040 ................
66 00000000 0050 ....
67 --------------------------------------------------------------------------------
68
69 Example UCX$TRACE output data:
70
71 UCX INTERnet trace RCV packet seq # = 1 at 14-MAY-2003 11:32:10.93
72
73 IP Version = 4, IHL = 5, TOS = 00, Total Length = 583 = ^x0247
74 IP Identifier = ^x702E, Flags (0=0,DF=0,MF=0),
75 Fragment Offset = 0 = ^x0000, Calculated Offset = 0 = ^x0000
76 IP TTL = 128 = ^x80, Protocol = 17 = ^x11, Header Checksum = ^x70EC
77 IP Source Address = 10.20.4.159
78 IP Destination Address = 10.20.4.255
79
80 UDP Source Port = 138, UDP Destination Port = 138
81 UDP Header and Datagram Length = 563 = ^x0233, Checksum = ^xB913
82
83 9F04140A 70EC1180 0000702E 47020045 0000 E..G.p.....p....
84 B1B80E11 | B9133302 8A008A00 | FF04140A 0010 .........3......
85 46484648 45200000 1D028A00 9F04140A 0020 ...........EHFHF
86 43414341 4341434D 454D4546 45454550 0030 PEEEFEMEMCACACAC
87
88 --------------------------------------------------------------------------------
89
90 Alternate UCX$TRACE type output data:
91
92 TCPIP INTERnet trace RCV packet seq # = 1 at 23-OCT-1998 15:19:33.29
93
94 IP Version = 4, IHL = 5, TOS = 00, Total Length = 217 = ^x00D9
95 IP Identifier = ^x0065, Flags (0=0,DF=0,MF=0),
96 Fragment Offset = 0 = ^x0000, Calculated Offset = 0 = ^x0000
97 IP TTL = 32 = ^x20, Protocol = 17 = ^x11, Header Checksum = ^x8F6C
98 IP Source Address = 16.20.168.93
99 IP Destination Address = 16.20.255.255
100
101 UDP Source Port = 138, UDP Destination Port = 138
102 UDP Header and Datagram Length = 197 = ^x00C5, Checksum = ^x0E77
103
104 5DA81410 8F6C1120 00000065 D9000045 0000 E...awe.....l....]
105 | 0E77C500 8A008A00 | FFFF1410 0010 ..........w.
106
107 --------------------------------------------------------------------------------
108
109 The only difference between the utilities is the Packet header line, primarily
110 the utility identifier and the packet sequence formats.
111
112 There appear to be 2 formats for packet seqencing
113
114 Format 1:
115
116 ... packet nn at DD-MMM-YYYY hh:mm:ss.ss
117
118 Format 2:
119
120 ... packet seq # = nn at DD-MMM-YYYY hh:mm:ss.ss
121
122 If there are other formats then code will have to be written in parse_vms_packet()
123 to handle them.
124
125 --------------------------------------------------------------------------------
126
127 */
128
129 /* Magic text to check for VMS-ness of file using possible utility names
130 *
131 */
132 #define VMS_HDR_MAGIC_STR1 "TCPIPtrace"
133 #define VMS_HDR_MAGIC_STR2 "TCPtrace"
134 #define VMS_HDR_MAGIC_STR3 "INTERnet trace"
135
136 /* Magic text for start of packet */
137 #define VMS_REC_MAGIC_STR1 VMS_HDR_MAGIC_STR1
138 #define VMS_REC_MAGIC_STR2 VMS_HDR_MAGIC_STR2
139 #define VMS_REC_MAGIC_STR3 VMS_HDR_MAGIC_STR3
140
141 #define VMS_HEADER_LINES_TO_CHECK 200
142 #define VMS_LINE_LENGTH 240
143
144 static gboolean vms_read(wtap *wth, int *err, gchar **err_info,
145 gint64 *data_offset);
146 static gboolean vms_seek_read(wtap *wth, gint64 seek_off,
147 struct wtap_pkthdr *phdr, Buffer *buf, int len,
148 int *err, gchar **err_info);
149 static gboolean parse_single_hex_dump_line(char* rec, guint8 *buf,
150 long byte_offset, int in_off, int remaining_bytes);
151 static gboolean parse_vms_packet(FILE_T fh, struct wtap_pkthdr *phdr,
152 Buffer *buf, int *err, gchar **err_info);
153
154 #ifdef TCPIPTRACE_FRAGMENTS_HAVE_HEADER_LINE
155 /* Seeks to the beginning of the next packet, and returns the
156 byte offset. Returns -1 on failure, and sets "*err" to the error
157 and sets "*err_info" to null or an additional error string. */
158 static long vms_seek_next_packet(wtap *wth, int *err, gchar **err_info)
159 {
160 long cur_off;
161 char buf[VMS_LINE_LENGTH];
162
163 while (1) {
164 cur_off = file_tell(wth->fh);
165 if (cur_off == -1) {
166 /* Error */
167 *err = file_error(wth->fh, err_info);
168 return -1;
169 }
170 if (file_gets(buf, sizeof(buf), wth->fh) == NULL) {
171 /* EOF or error. */
172 *err = file_error(wth->fh, err_info);
173 break;
174 }
175 if (strstr(buf, VMS_REC_MAGIC_STR1) ||
176 strstr(buf, VMS_REC_MAGIC_STR2) ||
177 strstr(buf, VMS_REC_MAGIC_STR2)) {
178 g_strlcpy(hdr, buf,VMS_LINE_LENGTH);
179 return cur_off;
180 }
181 }
182 return -1;
183 }
184 #endif /* TCPIPTRACE_FRAGMENTS_HAVE_HEADER_LINE */
185
186 /* Look through the first part of a file to see if this is
187 * a VMS trace file.
188 *
189 * Returns TRUE if it is, FALSE if it isn't or if we get an I/O error;
190 * if we get an I/O error, "*err" will be set to a non-zero value and
191 * "*err_info will be set to null or an additional error string.
192 *
193 * Leaves file handle at beginning of line that contains the VMS Magic
194 * identifier.
195 */
196 static gboolean vms_check_file_type(wtap *wth, int *err, gchar **err_info)
197 {
198 char buf[VMS_LINE_LENGTH];
199 guint reclen, line;
200 gint64 mpos;
201
202 buf[VMS_LINE_LENGTH-1] = '\0';
203
204 for (line = 0; line < VMS_HEADER_LINES_TO_CHECK; line++) {
205 mpos = file_tell(wth->fh);
206 if (mpos == -1) {
207 /* Error. */
208 *err = file_error(wth->fh, err_info);
209 return FALSE;
210 }
211 if (file_gets(buf, VMS_LINE_LENGTH, wth->fh) == NULL) {
212 /* EOF or error. */
213 *err = file_error(wth->fh, err_info);
214 return FALSE;
215 }
216
217 reclen = (guint) strlen(buf);
218 if (reclen < strlen(VMS_HDR_MAGIC_STR1) ||
219 reclen < strlen(VMS_HDR_MAGIC_STR2) ||
220 reclen < strlen(VMS_HDR_MAGIC_STR3)) {
221 continue;
222 }
223
224 if (strstr(buf, VMS_HDR_MAGIC_STR1) ||
225 strstr(buf, VMS_HDR_MAGIC_STR2) ||
226 strstr(buf, VMS_HDR_MAGIC_STR3)) {
227 /* Go back to the beginning of this line, so we will
228 * re-read it. */
229 if (file_seek(wth->fh, mpos, SEEK_SET, err) == -1) {
230 /* Error. */
231 return FALSE;
232 }
233 return TRUE;
234 }
235 }
236 *err = 0;
237 return FALSE;
238 }
239
240
241 int vms_open(wtap *wth, int *err, gchar **err_info)
242 {
243 /* Look for VMS header */
244 if (!vms_check_file_type(wth, err, err_info)) {
245 if (*err != 0 && *err != WTAP_ERR_SHORT_READ)
246 return -1;
247 return 0;
248 }
249
250 wth->file_encap = WTAP_ENCAP_RAW_IP;
251 wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_VMS;
252 wth->snapshot_length = 0; /* not known */
253 wth->subtype_read = vms_read;
254 wth->subtype_seek_read = vms_seek_read;
255 wth->tsprecision = WTAP_FILE_TSPREC_CSEC;
256
257 return 1;
258 }
259
260 /* Find the next packet and parse it; called from wtap_read(). */
261 static gboolean vms_read(wtap *wth, int *err, gchar **err_info,
262 gint64 *data_offset)
263 {
264 gint64 offset = 0;
265
266 /* Find the next packet */
267 #ifdef TCPIPTRACE_FRAGMENTS_HAVE_HEADER_LINE
268 offset = vms_seek_next_packet(wth, err, err_info);
269 #else
270 offset = file_tell(wth->fh);
271 #endif
272 if (offset < 1) {
273 *err = file_error(wth->fh, err_info);
274 return FALSE;
275 }
276 *data_offset = offset;
277
278 /* Parse the packet */
279 return parse_vms_packet(wth->fh, &wth->phdr, wth->frame_buffer, err, err_info);
280 }
281
282 /* Used to read packets in random-access fashion */
283 static gboolean
284 vms_seek_read(wtap *wth, gint64 seek_off, struct wtap_pkthdr *phdr,
285 Buffer *buf, int len _U_, int *err, gchar **err_info)
286 {
287 if (file_seek(wth->random_fh, seek_off - 1, SEEK_SET, err) == -1)
288 return FALSE;
289
290 if (!parse_vms_packet(wth->random_fh, phdr, buf, err, err_info)) {
291 if (*err == 0)
292 *err = WTAP_ERR_SHORT_READ;
293 return FALSE;
294 }
295 return TRUE;
296 }
297
298 /* isdumpline assumes that dump lines start with some non-alphanumerics
299 * followed by 4 hex numbers - each 8 digits long, each hex number followed
300 * by 3 spaces.
301 */
302 static int
303 isdumpline( gchar *line )
304 {
305 int i, j;
306
307 while (*line && !isalnum((guchar)*line))
308 line++;
309
310 for (j=0; j<4; j++) {
311 for (i=0; i<8; i++, line++)
312 if (! isxdigit((guchar)*line))
313 return FALSE;
314
315 for (i=0; i<3; i++, line++)
316 if (*line != ' ')
317 return FALSE;
318 }
319
320 return isspace((guchar)*line);
321 }
322
323 /* Parses a packet record. */
324 static gboolean
325 parse_vms_packet(FILE_T fh, struct wtap_pkthdr *phdr, Buffer *buf, int *err, gchar **err_info)
326 {
327 char line[VMS_LINE_LENGTH + 1];
328 int num_items_scanned;
329 int pkt_len = 0;
330 int pktnum;
331 int csec = 101;
332 struct tm tm;
333 char mon[4] = {'J', 'A', 'N', 0};
334 gchar *p;
335 static const gchar months[] = "JANFEBMARAPRMAYJUNJULAUGSEPOCTNOVDEC";
336 int i;
337 int offset = 0;
338 guint8 *pd;
339
340 tm.tm_year = 1970;
341 tm.tm_mon = 0;
342 tm.tm_mday = 1;
343 tm.tm_hour = 1;
344 tm.tm_min = 1;
345 tm.tm_sec = 1;
346
347 /* Skip lines until one starts with a hex number */
348 do {
349 if (file_gets(line, VMS_LINE_LENGTH, fh) == NULL) {
350 *err = file_error(fh, err_info);
351 if ((*err == 0) && (csec != 101)) {
352 *err = WTAP_ERR_SHORT_READ;
353 }
354 return FALSE;
355 }
356 line[VMS_LINE_LENGTH] = '\0';
357
358 if ((csec == 101) && (p = strstr(line, "packet ")) != NULL
359 && (! strstr(line, "could not save "))) {
360 /* Find text in line starting with "packet ". */
361
362 /* First look for the Format 1 type sequencing */
363 num_items_scanned = sscanf(p,
364 "packet %9d at %2d-%3s-%4d %2d:%2d:%2d.%9d",
365 &pktnum, &tm.tm_mday, mon,
366 &tm.tm_year, &tm.tm_hour,
367 &tm.tm_min, &tm.tm_sec, &csec);
368 /* Next look for the Format 2 type sequencing */
369 if (num_items_scanned != 8) {
370 num_items_scanned = sscanf(p,
371 "packet seq # = %9d at %2d-%3s-%4d %2d:%2d:%2d.%9d",
372 &pktnum, &tm.tm_mday, mon,
373 &tm.tm_year, &tm.tm_hour,
374 &tm.tm_min, &tm.tm_sec, &csec);
375 }
376 /* if unknown format then exit with error */
377 /* We will need to add code to handle new format */
378 if (num_items_scanned != 8) {
379 *err = WTAP_ERR_BAD_FILE;
380 *err_info = g_strdup_printf("vms: header line not valid");
381 return FALSE;
382 }
383 }
384 if ( (! pkt_len) && (p = strstr(line, "Length"))) {
385 p += sizeof("Length ");
386 while (*p && ! isdigit((guchar)*p))
387 p++;
388
389 if ( !*p ) {
390 *err = WTAP_ERR_BAD_FILE;
391 *err_info = g_strdup_printf("vms: Length field not valid");
392 return FALSE;
393 }
394
395 pkt_len = atoi(p);
396 break;
397 }
398 } while (! isdumpline(line));
399
400 p = strstr(months, mon);
401 if (p)
402 tm.tm_mon = (int) (p - months) / 3;
403 tm.tm_year -= 1900;
404 tm.tm_isdst = -1;
405
406 phdr->presence_flags = WTAP_HAS_TS;
407 phdr->ts.secs = mktime(&tm);
408 phdr->ts.nsecs = csec * 10000000;
409 phdr->caplen = pkt_len;
410 phdr->len = pkt_len;
411
412 /* Make sure we have enough room for the packet */
413 buffer_assure_space(buf, pkt_len);
414 pd = buffer_start_ptr(buf);
415
416 /* Convert the ASCII hex dump to binary data */
417 for (i = 0; i < pkt_len; i += 16) {
418 if (file_gets(line, VMS_LINE_LENGTH, fh) == NULL) {
419 *err = file_error(fh, err_info);
420 if (*err == 0) {
421 *err = WTAP_ERR_SHORT_READ;
422 }
423 return FALSE;
424 }
425 line[VMS_LINE_LENGTH] = '\0';
426 if (i == 0) {
427 while (! isdumpline(line)) { /* advance to start of hex data */
428 if (file_gets(line, VMS_LINE_LENGTH, fh) == NULL) {
429 *err = file_error(fh, err_info);
430 if (*err == 0) {
431 *err = WTAP_ERR_SHORT_READ;
432 }
433 return FALSE;
434 }
435 line[VMS_LINE_LENGTH] = '\0';
436 }
437 while (line[offset] && !isxdigit((guchar)line[offset]))
438 offset++;
439 }
440 if (!parse_single_hex_dump_line(line, pd, i,
441 offset, pkt_len - i)) {
442 *err = WTAP_ERR_BAD_FILE;
443 *err_info = g_strdup_printf("vms: hex dump not valid");
444 return FALSE;
445 }
446 }
447 /* Avoid TCPIPTRACE-W-BUFFERSFUL, TCPIPtrace could not save n packets.
448 * errors.
449 *
450 * XXX - when we support packet drop report information in the
451 * Wiretap API, we should parse those lines and return "n" as
452 * a packet drop count. */
453 if (!file_gets(line, VMS_LINE_LENGTH, fh)) {
454 *err = file_error(fh, err_info);
455 if (*err == 0) {
456 /* There is no next line, so there's no "TCPIPtrace could not
457 * save n packets" line; not an error. */
458 return TRUE;
459 }
460 return FALSE;
461 }
462 return TRUE;
463 }
464
465 /*
466 1 2 3 4
467 0123456789012345678901234567890123456789012345
468 50010C0A A34C0640 00009017 2C000045 0000 E..,....@.L....P
469 00000000 14945E52 0A00DC02 | 32010C0A 0010 ...2....R^......
470 0000 | B4050402 00003496 00020260 0020 `....4........
471 */
472
473 #define START_POS 7
474 #define HEX_LENGTH ((8 * 4) + 7) /* eight clumps of 4 bytes with 7 inner spaces */
475 /* Take a string representing one line from a hex dump and converts the
476 * text to binary data. We check the printed offset with the offset
477 * we are passed to validate the record. We place the bytes in the buffer
478 * at the specified offset.
479 *
480 * Returns TRUE if good hex dump, FALSE if bad.
481 */
482 static gboolean
483 parse_single_hex_dump_line(char* rec, guint8 *buf, long byte_offset,
484 int in_off, int remaining) {
485
486 int i;
487 char *s;
488 int value;
489 static const int offsets[16] = {39,37,35,33,28,26,24,22,17,15,13,11,6,4,2,0};
490 char lbuf[3] = {0,0,0};
491
492
493 /* Get the byte_offset directly from the record */
494 s = rec;
495 value = (int)strtoul(s + 45 + in_off, NULL, 16); /* XXX - error check? */
496
497 if (value != byte_offset) {
498 return FALSE;
499 }
500
501 if (remaining > 16)
502 remaining = 16;
503
504 /* Read the octets right to left, as that is how they are displayed
505 * in VMS.
506 */
507
508 for (i = 0; i < remaining; i++) {
509 lbuf[0] = rec[offsets[i] + in_off];
510 lbuf[1] = rec[offsets[i] + 1 + in_off];
511
512 buf[byte_offset + i] = (guint8) strtoul(lbuf, NULL, 16);
513 }
514
515 return TRUE;
516 }