Wireshark  4.3.0
The Wireshark network protocol analyzer
wtap-int.h
Go to the documentation of this file.
1 
9 #ifndef __WTAP_INT_H__
10 #define __WTAP_INT_H__
11 
12 #include "wtap.h"
13 #include <time.h>
14 
15 #ifdef _WIN32
16 #include <winsock2.h>
17 #endif
18 
19 #include <wsutil/file_util.h>
20 
21 #include "wtap_opttypes.h"
22 
23 void wtap_init_file_type_subtypes(void);
24 
25 WS_DLL_PUBLIC
26 int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err);
27 
28 typedef gboolean (*subtype_read_func)(struct wtap*, wtap_rec *,
29  Buffer *, int *, char **, gint64 *);
30 typedef gboolean (*subtype_seek_read_func)(struct wtap*, gint64, wtap_rec *,
31  Buffer *, int *, char **);
32 
36 struct wtap {
37  FILE_T fh;
39  gboolean ispipe;
40  int file_type_subtype;
41  guint snapshot_length;
42  GArray *shb_hdrs;
43  GArray *interface_data;
45  GArray *nrbs;
46  GArray *dsbs;
47  GArray *meta_events;
49  char *pathname;
51  void *priv; /* this one holds per-file state and is free'd automatically by wtap_close() */
52  void *wslua_data; /* this one holds wslua state info and is not free'd */
53 
54  subtype_read_func subtype_read;
55  subtype_seek_read_func subtype_seek_read;
56  void (*subtype_sequential_close)(struct wtap*);
57  void (*subtype_close)(struct wtap*);
58  int file_encap; /* per-file, for those
59  * file formats that have
60  * per-file encapsulation
61  * types rather than per-packet
62  * encapsulation types
63  */
64  int file_tsprec; /* per-file timestamp precision
65  * of the fractional part of
66  * the time stamp, for those
67  * file formats that have
68  * per-file timestamp
69  * precision rather than
70  * per-packet timestamp
71  * precision
72  * e.g. WTAP_TSPREC_USEC
73  */
74  wtap_new_ipv4_callback_t add_new_ipv4;
75  wtap_new_ipv6_callback_t add_new_ipv6;
76  wtap_new_secrets_callback_t add_new_secrets;
77  GPtrArray *fast_seek;
78 };
79 
80 struct wtap_dumper;
81 
82 /*
83  * This could either be a FILE * or a gzFile.
84  */
85 typedef void *WFILE_T;
86 
87 typedef gboolean (*subtype_add_idb_func)(struct wtap_dumper*, wtap_block_t,
88  int *, gchar **);
89 
90 typedef gboolean (*subtype_write_func)(struct wtap_dumper*,
91  const wtap_rec *rec,
92  const guint8*, int*, gchar**);
93 typedef gboolean (*subtype_finish_func)(struct wtap_dumper*, int*, gchar**);
94 
95 struct wtap_dumper {
96  WFILE_T fh;
97  int file_type_subtype;
98  int snaplen;
99  int file_encap; /* per-file, for those
100  * file formats that have
101  * per-file encapsulation
102  * types rather than per-packet
103  * encapsulation types
104  */
105  wtap_compression_type compression_type;
106  gboolean needs_reload; /* TRUE if the file requires re-loading after saving with wtap */
107  gint64 bytes_dumped;
108 
109  void *priv; /* this one holds per-file state and is free'd automatically by wtap_dump_close() */
110  void *wslua_data; /* this one holds wslua state info and is not free'd */
111 
112  subtype_add_idb_func subtype_add_idb; /* add an IDB, writing it as necessary */
113  subtype_write_func subtype_write; /* write out a record */
114  subtype_finish_func subtype_finish; /* write out information to finish writing file */
115 
117  GArray *shb_hdrs;
118  GArray *interface_data;
119  GArray *dsbs_initial;
121  /*
122  * Additional blocks that might grow as data is being collected.
123  * Subtypes should write these blocks before writing new packet blocks.
124  */
125  const GArray *nrbs_growing;
126  const GArray *dsbs_growing;
127  const GArray *mevs_growing;
131 };
132 
133 WS_DLL_PUBLIC gboolean wtap_dump_file_write(wtap_dumper *wdh, const void *buf,
134  size_t bufsize, int *err);
135 WS_DLL_PUBLIC gint64 wtap_dump_file_seek(wtap_dumper *wdh, gint64 offset, int whence, int *err);
136 WS_DLL_PUBLIC gint64 wtap_dump_file_tell(wtap_dumper *wdh, int *err);
137 
138 extern gint wtap_num_file_types;
139 
140 #include <wsutil/pint.h>
141 
142 /* Macros to byte-swap possibly-unaligned 64-bit, 32-bit and 16-bit quantities;
143  * they take a pointer to the quantity, and byte-swap it in place.
144  */
145 #define PBSWAP64(p) \
146  { \
147  guint8 tmp; \
148  tmp = (p)[7]; \
149  (p)[7] = (p)[0]; \
150  (p)[0] = tmp; \
151  tmp = (p)[6]; \
152  (p)[6] = (p)[1]; \
153  (p)[1] = tmp; \
154  tmp = (p)[5]; \
155  (p)[5] = (p)[2]; \
156  (p)[2] = tmp; \
157  tmp = (p)[4]; \
158  (p)[4] = (p)[3]; \
159  (p)[3] = tmp; \
160  }
161 #define PBSWAP32(p) \
162  { \
163  guint8 tmp; \
164  tmp = (p)[3]; \
165  (p)[3] = (p)[0]; \
166  (p)[0] = tmp; \
167  tmp = (p)[2]; \
168  (p)[2] = (p)[1]; \
169  (p)[1] = tmp; \
170  }
171 #define PBSWAP16(p) \
172  { \
173  guint8 tmp; \
174  tmp = (p)[1]; \
175  (p)[1] = (p)[0]; \
176  (p)[0] = tmp; \
177  }
178 
179 
180 /* Pointer routines to put items out in a particular byte order.
181  * These will work regardless of the byte alignment of the pointer.
182  */
183 
184 #ifndef phtons
185 #define phtons(p, v) \
186  { \
187  (p)[0] = (guint8)((v) >> 8); \
188  (p)[1] = (guint8)((v) >> 0); \
189  }
190 #endif
191 
192 #ifndef phton24
193 #define phton24(p, v) \
194  { \
195  (p)[0] = (guint8)((v) >> 16); \
196  (p)[1] = (guint8)((v) >> 8); \
197  (p)[2] = (guint8)((v) >> 0); \
198  }
199 #endif
200 
201 #ifndef phtonl
202 #define phtonl(p, v) \
203  { \
204  (p)[0] = (guint8)((v) >> 24); \
205  (p)[1] = (guint8)((v) >> 16); \
206  (p)[2] = (guint8)((v) >> 8); \
207  (p)[3] = (guint8)((v) >> 0); \
208  }
209 #endif
210 
211 #ifndef phtonll
212 #define phtonll(p, v) \
213  { \
214  (p)[0] = (guint8)((v) >> 56); \
215  (p)[1] = (guint8)((v) >> 48); \
216  (p)[2] = (guint8)((v) >> 40); \
217  (p)[3] = (guint8)((v) >> 32); \
218  (p)[4] = (guint8)((v) >> 24); \
219  (p)[5] = (guint8)((v) >> 16); \
220  (p)[6] = (guint8)((v) >> 8); \
221  (p)[7] = (guint8)((v) >> 0); \
222  }
223 #endif
224 
225 #ifndef phtole8
226 #define phtole8(p, v) \
227  { \
228  (p)[0] = (guint8)((v) >> 0); \
229  }
230 #endif
231 
232 #ifndef phtoles
233 #define phtoles(p, v) \
234  { \
235  (p)[0] = (guint8)((v) >> 0); \
236  (p)[1] = (guint8)((v) >> 8); \
237  }
238 #endif
239 
240 #ifndef phtole24
241 #define phtole24(p, v) \
242  { \
243  (p)[0] = (guint8)((v) >> 0); \
244  (p)[1] = (guint8)((v) >> 8); \
245  (p)[2] = (guint8)((v) >> 16); \
246  }
247 #endif
248 
249 #ifndef phtolel
250 #define phtolel(p, v) \
251  { \
252  (p)[0] = (guint8)((v) >> 0); \
253  (p)[1] = (guint8)((v) >> 8); \
254  (p)[2] = (guint8)((v) >> 16); \
255  (p)[3] = (guint8)((v) >> 24); \
256  }
257 #endif
258 
259 #ifndef phtolell
260 #define phtolell(p, v) \
261  { \
262  (p)[0] = (guint8)((v) >> 0); \
263  (p)[1] = (guint8)((v) >> 8); \
264  (p)[2] = (guint8)((v) >> 16); \
265  (p)[3] = (guint8)((v) >> 24); \
266  (p)[4] = (guint8)((v) >> 32); \
267  (p)[5] = (guint8)((v) >> 40); \
268  (p)[6] = (guint8)((v) >> 48); \
269  (p)[7] = (guint8)((v) >> 56); \
270  }
271 #endif
272 
273 /* glib doesn't have g_ptr_array_len of all things!*/
274 #ifndef g_ptr_array_len
275 #define g_ptr_array_len(a) ((a)->len)
276 #endif
277 
278 /*
279  * Read a given number of bytes from a file into a buffer or, if
280  * buf is NULL, just discard them.
281  *
282  * If we succeed, return TRUE.
283  *
284  * If we get an EOF, return FALSE with *err set to 0, reporting this
285  * as an EOF.
286  *
287  * If we get fewer bytes than the specified number, return FALSE with
288  * *err set to WTAP_ERR_SHORT_READ, reporting this as a short read
289  * error.
290  *
291  * If we get a read error, return FALSE with *err and *err_info set
292  * appropriately.
293  */
294 WS_DLL_PUBLIC
295 gboolean
296 wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err,
297  gchar **err_info);
298 
299 /*
300  * Read a given number of bytes from a file into a buffer or, if
301  * buf is NULL, just discard them.
302  *
303  * If we succeed, return TRUE.
304  *
305  * If we get fewer bytes than the specified number, including getting
306  * an EOF, return FALSE with *err set to WTAP_ERR_SHORT_READ, reporting
307  * this as a short read error.
308  *
309  * If we get a read error, return FALSE with *err and *err_info set
310  * appropriately.
311  */
312 WS_DLL_PUBLIC
313 gboolean
314 wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err,
315  gchar **err_info);
316 
317 /*
318  * Read packet data into a Buffer, growing the buffer as necessary.
319  *
320  * This returns an error on a short read, even if the short read hit
321  * the EOF immediately. (The assumption is that each packet has a
322  * header followed by raw packet data, and that we've already read the
323  * header, so if we get an EOF trying to read the packet data, the file
324  * has been cut short, even if the read didn't read any data at all.)
325  */
326 WS_DLL_PUBLIC
327 gboolean
328 wtap_read_packet_bytes(FILE_T fh, Buffer *buf, guint length, int *err,
329  gchar **err_info);
330 
331 /*
332  * Implementation of wth->subtype_read that reads the full file contents
333  * as a single packet.
334  */
335 gboolean
336 wtap_full_file_read(wtap *wth, wtap_rec *rec, Buffer *buf,
337  int *err, gchar **err_info, gint64 *data_offset);
338 
339 /*
340  * Implementation of wth->subtype_seek_read that reads the full file contents
341  * as a single packet.
342  */
343 gboolean
344 wtap_full_file_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec, Buffer *buf, int *err, gchar **err_info);
345 
349 void
351 
355 void
357 
361 void
363 
364 void
365 wtap_register_compatibility_file_subtype_name(const char *old_name,
366  const char *new_name);
367 
368 void
369 wtap_register_backwards_compatibility_lua_name(const char *name, int ft);
370 
372  const char *name;
373  int ft;
374 };
375 
376 WS_DLL_PUBLIC
377 const GArray *get_backwards_compatibility_lua_table(void);
378 
393 
405 WS_DLL_PUBLIC
406 void wtap_add_generated_idb(wtap *wth);
407 
421 
434 
446 
447 #endif /* __WTAP_INT_H__ */
448 
449 /*
450  * Editor modelines - https://www.wireshark.org/tools/modelines.html
451  *
452  * Local variables:
453  * c-basic-offset: 4
454  * tab-width: 8
455  * indent-tabs-mode: nil
456  * End:
457  *
458  * vi: set shiftwidth=4 tabstop=8 expandtab:
459  * :indentSize=4:tabSize=8:noTabs=true:
460  */
Definition: buffer.h:22
Definition: wtap.h:1468
Definition: wtap-int.h:371
Definition: pcapio.c:113
Definition: wtap_opttypes.c:86
Definition: wtap.h:1488
Definition: wtap-int.h:95
GArray * dsbs_initial
Definition: wtap-int.h:119
GArray * interface_data
Definition: wtap-int.h:118
guint nrbs_growing_written
Definition: wtap-int.h:128
const GArray * dsbs_growing
Definition: wtap-int.h:126
const GArray * mevs_growing
Definition: wtap-int.h:127
guint mevs_growing_written
Definition: wtap-int.h:130
addrinfo_lists_t * addrinfo_lists
Definition: wtap-int.h:116
const GArray * nrbs_growing
Definition: wtap-int.h:125
guint dsbs_growing_written
Definition: wtap-int.h:129
Definition: file_wrappers.c:168
Definition: wtap.h:1394
Definition: wtap-int.h:36
GArray * interface_data
Definition: wtap-int.h:43
gboolean ispipe
Definition: wtap-int.h:39
FILE_T random_fh
Definition: wtap-int.h:38
GArray * nrbs
Definition: wtap-int.h:45
char * pathname
Definition: wtap-int.h:49
GArray * meta_events
Definition: wtap-int.h:47
guint next_interface_data
Definition: wtap-int.h:44
GArray * dsbs
Definition: wtap-int.h:46
void wtapng_process_nrb(wtap *wth, wtap_block_t nrb)
Definition: wtap.c:1623
GArray * wtap_file_get_shb_for_new_file(wtap *wth)
Gets new section header block for new file, based on existing info.
Definition: wtap.c:138
void wtapng_process_dsb(wtap *wth, wtap_block_t dsb)
Definition: wtap.c:1647
GArray * wtap_file_get_nrb_for_new_file(wtap *wth)
Gets new name resolution info for new file, based on existing info.
Definition: wtap.c:484
wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec)
Generate an IDB, given a packet record, using the records's encapsulation type and time stamp resolut...
Definition: wtap.c:1857
wtap_block_t wtap_dump_params_generate_idb(const wtap_dump_params *params)
Generate an IDB, given a set of dump parameters, using the parameters' encapsulation type,...
Definition: wtap.c:578
WS_DLL_PUBLIC void wtap_add_generated_idb(wtap *wth)
Generate an IDB, given a wiretap handle for the file, using the file's encapsulation type,...
Definition: wtap.c:321
void wtap_add_idb(wtap *wth, wtap_block_t idb)
Definition: wtap.c:245
void(* wtap_new_ipv4_callback_t)(const guint addr, const gchar *name, const gboolean static_entry)
Definition: wtap.h:1833
void(* wtap_new_secrets_callback_t)(guint32 secrets_type, const void *secrets, guint size)
Definition: wtap.h:1845