PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Upgrade libpcap to 1.10.4

Browse Source
This commit is contained in:
dmiller
2023-04-28 14:37:51 +00:00
parent 186bed85c8
commit 585832c41e
121 changed files with 13810 additions and 8968 deletions
Download Patch File Download Diff File Expand all files Collapse all files

268
libpcap/CHANGES
View File

@@ -1,5 +1,240 @@
Monthday, Month DD, YYYY
Summary for 1.10.1 libpcap release (so far!)
Friday, April 7, 2023 / The Tcpdump Group
Summary for 1.10.4 libpcap release
Source code:
Fix spaces before tabs in indentation.
rpcap:
Fix name of launchd service.
Documentation:
Document use of rpcapd with systemd, launchd, inetd, and xinetd.
Building and testing:
Require at least pkg-config 0.17.0, as we use --static.
Get rid of the remains of gnuc.h.
Require at least autoconf 2.69.
Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21.
Thursday, January 12, 2023 / The Tcpdump Group
Summary for 1.10.3 libpcap release
Source code:
Sort the PUBHDR variable in Makefile.in in "ls" order.
Fix typo in comment in pflog.h.
Remove two no-longer-present files from .gitignore.
Update code and comments for handling failure to set promiscuous
mode based on new information.
Building and testing:
install: Fixed not to install the non-public pcap-util.h header.
pcap-config: add a --version flag.
Makefile.in: Add some missing files in the distclean target.
Saturday, December 31, 2022 / The Tcpdump Group
Summary for 1.10.2 libpcap release
Source code:
Use __builtin_unreachable() in PCAP_UNREACHABLE.
Use AS_HELP_STRING macro instead of AC_HELP_STRING in the
configure scripts, to avoid deprecation warnings.
Change availability tags in pcap.h to make it easier to
arrange for it to be used in Darwin releases.
Use AS_HELP_STRING for --enable-remote.
Fix some formatting string issues found by cppcheck.
Various small code and comment cleanups.
Use PCAP_ERROR (defined as -1) rather than explicit -1 for
functions the documentation says return PCAP_ERROR.
Remove unused code from the filter compiler.
Use _declspec(deprecated(msg)) rather than __pragma(deprecated)
for Windows deprecation warnings, so the message that was
specified shows up.
diag-control.h: define PCAP_DO_PRAGMA() iff we're going to use it.
Use "%d" to print some signed ints.
Use the Wayback Machine for a removed document in a comment.
Add some const qualifiers.
RDMA: Use PRIu64 to print a uint64_t.
"Dead" pcap_ts from pcap_open_dead() and ..._with_tstamp_precision():
Don't crash if pcap_breakloop() is called.
Savefiles:
Fix pcap_dispatch() to return number of packets processed, rather
than 0, even at EOF.
If we get an error writing the packet header, don't write the
packet data.
Put PFLOG UID and PID values in the header into host byte order
when reading a LINKTYPE_PFLOG file.
Put CAN ID field in CAN pseudo-headers for LINUX_SLL2, as we do
for LINUX_SLL.
Fix inorrectly-computed "real" length for isochronous USB
transfers when reading savefiles.
Don't crash if pcap_can_set_rfmon() is called.
Fix pcap_offline_read() loop.
Capture:
Never process more than INT_MAX packets in a pcap_dispatch() call,
to avoid integer overflow (issue #1087).
Improve error messages for "no such device" and "permission
denied" errors.
SITA: Fix a typo in a variable name.
Packet filtering:
Get PFLOG header length from the length value in the header.
Support all the direction, reason, and action types supported by
all systems that support PFLOG.
Don't require PFLOG support on the target machine in order to
support PFLOG filtering (also fixes issue #1076).
Expand abbreviations into "proto X" properly.
gencode.c: Update a comment about the VLAN TPID test.
Add the minimum and maximum matching DLTs to an error message.
Linux:
Fix memory leak in capture device open (pull request #1038).
Fix detection of CAN/CAN FD packets in direction check (issue
#1051).
Fix double-free crashes on errors such as running on a kernel with
CONFIG_PACKET_MMAP not configured (issue #1054).
Use DLT_CAN_SOCKETCAN for CANbus interfaces (issue #1052; includes
changes from pull request #1035).
Make sure the CANFD_FDF can be relied on to indicate whether a
CANbus packet is a CAN frame or a CAN FD frame
Improve error message for "out of memory" errors for kernel
filters (see issue #1089).
Fix pcap_findalldevs() to find usbmon devices.
Fix handling of VLAN tagged packets if the link-layer type is
changed from DLT_LINUX_SLL to DLT_LINUX_SLL2 (see issue #1105).
Always turn on PACKET_AUXDATA (see issue #1105).
We require 2.6.27 or later, so PACKET_RESERVE is available.
Make sure there's reserved space for a DLT_LINUX_SLL2 header
when capturing.
Correctly compute the "real" length for isochronous USB transfers.
Don't have an eventfd descriptor open in non-blocking mode, so as
not to waste descriptors.
netfilter: Squelch a narrowing warning (To be look at before 2038).
BPF capture (*BSD, macOS, AIX, Solaris 11):
Fix case where a device open might fail, rather than falling back
to a smaller buffer size, when the initial buffer size is too
big.
Use an unsigned device number to iterate over BPF devices, to
squelch a compiler warning.
NetBSD:
Fix handling of LINKTYPE_HDLC/DLT_HDLC.
rpcap:
Fix unaligned accesses in rpcapd (pull request #1037).
Fix code to process port number.
Clean up findalldevs code in rpcapd.
Clean up bufferizing code.
Fix a file descriptor/handle leak in pcap_findalldevs_ex()
(Coverity CID 1507240).
Improve error messages for host and port resolution errors.
Fix connect code not to fail if both IPv4 and IPv6 addresses are
tried.
Improve connect failure error message.
Provide an error message for a bad authentication reply size.
For link-layer types with host-endian fields in the header, fix
those fields if capturing from a server with a different byte
order.
Suppress temporarily the warnings with "enable remote packet capture".
Windows:
Add support for NdisMediumIP (pull request #1027).
Don't require applications using pcap to be built with VS 2015 or
later.
Use the correct string for the DLL VersionInfo.
Remove unnecessary DllMain() function.
Correctly handle ERROR_INVALID_FUNCTION from
PacketGetTimestampModes() (indicate that WinPcap or an older
version of Npcap is probably installed).
Fix use-after-free in some cases when a pcap_t is closed.
Make sure an error is returned by pcap_create_interface() if
PacketOpenAdapter() fails.
Return an error if the driver reports 0 timestamp modes supported.
Close the ADAPTER handle for some errors in
pcap_create_interface().
Get rid of old umaintained VS project files.
Fix deprecation warning for pcap_handle().
Npcap is now at npcap.com, not npcap.org.
Make sure "no such device" and "no permission to open device"
errors show up in pcap_activate(), not pcap_create() (fixes,
among other things, tcpdump -i <interface-number>).
npcap: squelch deprecation warnings for kernel dump mode.
Haiku:
Implement pcap_lib_version(), as now required.
Handle negative or too-large snaplen values.
Fix various build issues and warnings.
Building and testing:
Update configure-time universal build checks for macOS.
Update config.guess and config.sub.
If we look for an SSL library with pkg-config in configure script,
try pkg-config first.
If we have pkg-config and Homebrew, try to set pkg-config up to
find Homebrew packages.
Handle some Autoconf/make errors better.
Use "git archive" for the "make releasetar" process.
Remove the release candidate rcX targets.
Fix compiling on Solaris 9/SPARC and 11/AMD64.
Address assorted compiler warnings.
Fix cross-building on Linux for Windows with mingw32 for Win64
(pull request #1031).
Properly set installation directory on Windows when not compiling
with MSVC.
Fix configure script checks for compiler flags.
Give more details if check for usable (F)Lex fails.
Fix compiling with GCC 4.6.4.
Don't use add_compile_options() with CMake, as we currently don't
require 2.8.12, where it first appeared.
Don't provide -L/usr/lib for pkg-config --libs in pkg-config.
Fix error message for inadequate Bison/Berkeley YACC.
configure: correctly do some DPDK checks.
Only use pkg-config when checking for DPDK.
Allow the path in which DPDK is installed to be specified.
Use pkg-config first when checking for libibverbs.
CMake: fix check for libibverbs with Sun's C compiler.
Have CMake warn if no capture mechanism can be found.
Don't do stuff requiring 3.19 or later on earlier CMakes.
Squelch some CMake warnings.
Fix diag-control.h to handle compiling with clang-cl (issues
#1101 and #1115).
Cleanup various leftover cruft in the configure script.
Fix building without protochain support. (GH #852)
Check for a usable YACC (or Bison) and {F}lex in CMake, as we do
in autotools.
Only check for a C++ compiler on Haiku, as that's the only
platform with C++ code, and make sure they generate code for
the same instruction set bit-width (both 32-bit or both 64-bit)
(issue #1112).
On Solaris, check the target bit-width and set PKG_CONFIG_PATH
appropriately, to handle the mess that is the D-Bus library
package (issue #1112).
Fix generation of pcap-config and libpcap.pc files (issue #1062).
pcap-config: don't assume the system library directory is /usr/lib.
pcap-config: add a --static-pcap-only flag.
Cirrus CI: Use the same configuration as for the main branch.
Add four libpcap test files.
Update Npcap SDK to 1.13.
Makefile.in: Use TEST_DIST, like for tcpdump.
Remove awk code from mkdep.
Cirrus CI: Add the libssl-dev package in the Linux task.
Cirrus CI: Add the openssl@3 brew package in the macOS task.
Get "make shellcheck" to pass again.
CMake: Build valgrindtest only if Autoconf would.
CMake: use ${CMAKE_INSTALL_SBINDIR} rather than just sbin.
CMake: use NUL: as the null device on Windows.
autoconf: fix typo in test of macOS version.
Makefile.in: Add two missing files in EXTRA_DIST.
autotools, cmake: provide an rpath option if necessary.
configure: get rid of the attempt to auto-run PKG_PROG_PKG_CONFIG.
configure: use PKG_CHECK_MODULES to run pkg-config.
Documentation:
Add README.solaris.md.
Add SCTP to pcap-filter(7).
Note that = and == are the same operator in filters (issue #1044).
Update INSTALL.md, README.md, and README.solaris.md.
Update and clean up CONTRIBUTING.md.
Trim documentation of support for now-dead UN*Xe and older
versions of other UN*Xes.
Move the "how to allocate a LINKTYPE_/DLT_ value" documentation to
the web site.
Clean up man pages.
Move README.capture-module to the web site.
Improve some protocol details in pcap-filter(7).
Refine "relop" notes in pcap-filter(7).
In pcap-filter(7) "domain" is an id.
Discuss backward compatibility in pcap-filter(7).
Other improvements to pcap-filter(7).
Document pcap_breakloop(3PCAP) interaction with threads better.
Document PCAP_ERROR_NOT_ACTIVATED for more routines.
Wednesday, June 9, 2021:
Summary for 1.10.1 libpcap release:
Packet filtering:
Fix "type XXX subtype YYY" giving a parse error
Source code:
@@ -234,7 +469,7 @@ Sunday, July 22, 2018
need to be
Fix reading of capture statistics for Linux USB
Fix packet size values for Linux USB packets (GitHub issue #808)
Check only VID in VLAN test in filterss (GitHub issue #461)
Check only VID in VLAN test in filters (GitHub issue #461)
Fix pcap_list_datalinks on 802.11 devices on macOS
Fix overflows with very large snapshot length in pcap file
Improve parsing of rpcapd configuration file (GitHub issue #767)
@@ -275,7 +510,6 @@ Sunday, July 22, 2018
Boost the TPACKET_V3 timeout to the maximum if a timeout of 0 was
specified
Five CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165
Fixes for CVE-2018-16301, errors in pcapng reading.
PCAPNG reader applies some sanity checks before doing malloc().
Sunday, June 24, 2018, by mcr@sandelman.ca
@@ -283,7 +517,7 @@ Sunday, June 24, 2018, by mcr@sandelman.ca
Added testing system to libpcap, independent of tcpdump
Changes to how pcap_t is activated
Adding support for Large stream buffers on Endace DAG cards
Changes to BSD 3-clause license to 2-clause licence
Changes to BSD 3-clause license to 2-clause license
Additions to TCP header parsing, per RFC3168
Add CMake build process (extensive number of changes)
Assign a value for OpenBSD DLT_OPENFLOW.
@@ -790,7 +1024,7 @@ Tue. September 19, 2006. ken@xelerance.com. Summary for 0.9.5 libpcap release
Add support to build libpcap.lib and wpcap.dll under Cygnus and
MingW32.
Mon. September 5, 2005. ken@xelerance.com. Summary for 0.9.4 libpcap release
Mon. September 5, 2005. ken@xelerance.com. Summary for 0.9.4 libpcap release
Support for radiotap on Linux (Mike Kershaw)
Fixes for HP-UX
@@ -801,7 +1035,7 @@ Mon. September 5, 2005. ken@xelerance.com. Summary for 0.9.4 libpcap release
parts of the filter expression to look at the PPP headers and
headers in the PPP payload
Tue. July 5, 2005. ken@xelerance.com. Summary for 0.9.3 libpcap release
Tue. July 5, 2005. ken@xelerance.com. Summary for 0.9.3 libpcap release
Fixes for compiling on nearly every platform,
including improved 64bit support
@@ -840,16 +1074,16 @@ Wed. November 12, 2003. mcr@sandelman.ottawa.on.ca. Summary for 0.8 release
Tuesday, February 25, 2003. fenner@research.att.com. 0.7.2 release
Support link types that use 802.2 always, never, and sometimes.
Don't decrease the size of the BPF buffer from the default.
Support frame relay.
Handle 32-bit timestamps in DLPI, and pass the right buffer size.
Handle Linux systems with modern kernel but without
SOL_PACKET in the userland headers.
Linux support for ARPHRD_RAWHDLC.
Handle 32-bit timestamps in snoop.
Support eg (Octane/O2xxx/O3xxx Gigabit) devices.
Add new reserved DLT types.
Support link types that use 802.2 always, never, and sometimes.
Don't decrease the size of the BPF buffer from the default.
Support frame relay.
Handle 32-bit timestamps in DLPI, and pass the right buffer size.
Handle Linux systems with modern kernel but without
SOL_PACKET in the userland headers.
Linux support for ARPHRD_RAWHDLC.
Handle 32-bit timestamps in snoop.
Support eg (Octane/O2xxx/O3xxx Gigabit) devices.
Add new reserved DLT types.
Monday October 23, 2001. mcr@sandelman.ottawa.on.ca. Summary for 0.7 release

757
libpcap/CMakeLists.txt
View File

File diff suppressed because it is too large Load Diff

6
libpcap/CONTRIBUTING.md
View File

@@ -14,10 +14,10 @@ above), please navigate to https://github.com/the-tcpdump-group/libpcap/issues
and check if the problem has already been reported. If it has not, please open
a new issue and provide the following details:
* libpcap version (e.g. from tcpdump --version)
* libpcap version (e.g. from `tcpdump --version`)
* operating system name and version and any other details that may be relevant
(uname -a, compiler name and version, CPU type etc.)
* configure flags if any were used
(`uname -a`, compiler name and version, CPU type etc.)
* `configure` or `cmake` flags if any were used
* statement of the problem
* steps to reproduce

11
libpcap/CREDITS
View File

@@ -33,6 +33,7 @@ Additional people who have contributed patches (in alphabetical order):
Baptiste Peugnez <baptiste dot peugnez at cea dot fr>
Baruch Siach <baruch at tkos dot co dot il>
Bill Parker <wp02855 at gmail dot com>
Biswapriyo Nath <nathbappai at gmail dot com>
blazeable <blazeable at blazeable dot eu>
bleader <bleader at ratonland dot org>
Brent Cook <brent at boundary dot com>
@@ -58,6 +59,7 @@ Additional people who have contributed patches (in alphabetical order):
Dave Barach <dave at barachs dot net>
David Clark <david dot clark at datasoft dot com>
David Kaelbling <drk at sgi dot com>
David Karoly <david dot karoly at outlook dot com>
David Ward <david dot ward at ll dot mit dot edu>
David Young <dyoung at ojctech dot com>
Dean Gaudet <dean at arctic dot org>
@@ -68,11 +70,13 @@ Additional people who have contributed patches (in alphabetical order):
Dustin Spicuzza <dustin at virtualroadside dot com>
dzejarczech <dzejarczech at sourceforge dot net>
Edward Sheldrake <ejs1920 at sourceforge dot net>
Eli Schwartz <eschwartz93 at gmail dot com>
Eric Anderson <anderse at hpl dot hp dot com>
Erik de Castro Lopo <erik dot de dot castro dot lopo at sensorynetworks dot com>
Fedor Sakharov <fedor dot sakharov at gmail dot com>
Felix Janda <felix dot janda at posteo dot de>
Felix Obenhuber <felix at obenhuber dot de>
fghzxm <fghzxm at outlook dot com>
Florent Drouin <Florent dot Drouin at alcatel-lucent dot fr>
Florian Fainelli <f dot fainelli at gmail dot com>
François Revol <revol at free dot fr>
@@ -132,6 +136,7 @@ Additional people who have contributed patches (in alphabetical order):
Kris Katterjohn <katterjohn at gmail dot com>
Krzysztof Halasa <khc at pm dot waw dot pl>
Lennert Buytenhek <buytenh at wantstofly dot org>
Li kunyu <kunyu at nfschina dot com>
lixiaoyan <lixiaoyan at google dot com>
Lorenzo Cavallaro <sullivan at sikurezza dot org>
Loris Degioanni <loris at netgroup-serv dot polito dot it>
@@ -157,6 +162,7 @@ Additional people who have contributed patches (in alphabetical order):
Max Laier <max at love2party dot net>
Michal Kubecek <mkubecek at suse dot cz>
Michal Labedzki <michal dot labedzki at tieto dot com>
Michal Ruprich <michalruprich at gmail dot com>
Michal Sekletar <msekleta at redhat dot com>
Mike Frysinger <vapier at gmail dot com>
Mike Kershaw <dragorn at kismetwireless dot net>
@@ -166,6 +172,7 @@ Additional people who have contributed patches (in alphabetical order):
Monroe Williams <monroe at pobox dot com>
Myricom Help <myri at users dot noreply dot github dot com>
Nan Xiao <nan at chinadtrace dot org>
nic-kaczinsky <68271784+nic-kaczinsky at users dot noreply dot github dot com>
Nick Kelsey <nickk at silicondust dot com>
Nicolas Dade <ndade at nsd dot dyndns dot org>
Niko Delarich <niko dot delarich at gmail dot com>
@@ -181,7 +188,7 @@ Additional people who have contributed patches (in alphabetical order):
Ørjan Malde <red at foxi dot me>
Paolo Abeni <pabeni at redhat dot com>
Patrick Marie <mycroft at virgaria dot org>
Patrick McHardy <kaber at trash not net>
Patrick McHardy <kaber at trash dot net>
Paul Mundt <lethal at linux-sh dot org>
Pavel Kankovsky <kan at dcit dot cz>
Pawel Brzezinski <pawel dot brzezinski at harman dot com>
@@ -193,6 +200,7 @@ Additional people who have contributed patches (in alphabetical order):
Philippe Antoine <contact at catenacyber dot fr>
Phil Wood <cpw at lanl dot gov>
Rafal Maszkowski <rzm at icm dot edu dot pl>
ramin <lordrasmus at gmail dot com>
<rcb-isis at users dot sourceforge dot net>
Richard Stearn <richard at rns-stearn dot demon dot co dot uk>
Rick Jones <raj at cup dot hp dot com>
@@ -208,6 +216,7 @@ Additional people who have contributed patches (in alphabetical order):
Sebastian Krahmer <krahmer at cs dot uni-potsdam dot de>
Sebastien Roy <Sebastien dot Roy at Sun dot COM>
Sepherosa Ziehau <sepherosa at gmail dot com>
Shane Kerr <shane at time-travellers dot org>
Shaun Clowes <delius at progsoc dot uts dot edu dot au>
solofox <wensg100 at sina dot com>
Solomon Peachy <pizza at shaftnet dot org>

294
libpcap/INSTALL.md
View File

@@ -1,105 +1,120 @@
To build libpcap, run "./configure" (a shell script). The configure
script will determine your system attributes and generate an
appropriate Makefile from Makefile.in. Next run "make". If everything
goes well you can su to root and run "make install". However, you need
not install libpcap if you just want to build tcpdump; just make sure
the tcpdump and libpcap directory trees have the same parent
directory.
# libpcap installation notes
Libpcap can be built either with the configure script and `make`, or
with CMake and any build system supported by CMake.
To build libpcap with the configure script and `make`:
* Run `./configure` (a shell script). The configure script will
determine your system attributes and generate an appropriate `Makefile`
from `Makefile.in`. The configure script has a number of options to
control the configuration of libpcap; `./configure --help`` will show
them.
* Next, run `make`. If everything goes well, you can
`su` to root and run `make install`. However, you need not install
libpcap if you just want to build tcpdump; just make sure the tcpdump
and libpcap directory trees have the same parent directory.
To build libpcap with CMake and the build system of your choice, from
the command line:
* Create a build directory into which CMake will put the build files it
generates; CMake does not work as well with builds done in the source
code directory as does the configure script. The build directory may be
created as a subdirectory of the source directory or as a directory
outside the source directory.
* Change to the build directory and run CMake with the path from the
build directory to the source directory as an argument. The `-G` flag
can be used to select the CMake "generator" appropriate for the build
system you're using; various `-D` flags can be used to control the
configuration of libpcap.
* Run the build tool. If everything goes well, you can `su` to root and
run the build tool with the `install` target. Building tcpdump from a
libpcap in a build directory is not supported.
An `uninstall` target is supported with both `./configure` and CMake.
***DO NOT*** run the build as root; there is no need to do so, running
anything as root that doesn't need to be run as root increases the risk
of damaging your system, and running the build as root will put files in
the build directory that are owned by root and that probably cannot be
overwritten, removed, or replaced except by root, which could cause
permission errors in subsequent builds.
If configure says:
configure: warning: cannot determine packet capture interface
configure: warning: (see INSTALL for more info)
configure: warning: (see INSTALL.md file for more info)
or CMake says:
cannot determine packet capture interface
(see the INSTALL.md file for more info)
then your system either does not support packet capture or your system
does support packet capture but libpcap does not support that
particular type. (If you have HP-UX, see below.) If your system uses a
packet capture not supported by libpcap, please send us patches; don't
forget to include an autoconf fragment suitable for use in
configure.ac.
`configure.ac`.
It is possible to override the default packet capture type, although
the circumstance where this works are limited. For example if you have
installed bpf under SunOS 4 and wish to build a snit libpcap:
It is possible to override the default packet capture type with the
`--with-pcap`` option to `./configure` or the `-DPCAP_TYPE` option to
CMake, although the circumstances where this works are limited. One
possible reason to do that would be to force a supported packet capture
type in the case where the configure or CMake scripts fails to detect
it.
./configure --with-pcap=snit
Another example is to force a supported packet capture type in the case
where the configure scripts fails to detect it.
You will need an ANSI C compiler to build libpcap. The configure script
will abort if your compiler is not ANSI compliant. If this happens, use
the generally available GNU C compiler (GCC).
You will need a C99 compiler to build libpcap. The configure script
will abort if your compiler is not C99 compliant. If this happens, use
the generally available GNU C compiler (GCC) or Clang.
You will need either Flex 2.5.31 or later, or a version of Lex
compatible with it (if any exist), to build libpcap. The configure
script will abort if there isn't any such program. If you have an older
version of Flex, or don't have a compatible version of Lex, the current
version of flex is available at flex.sourceforge.net.
script will abort if there isn't any such program; CMake fails if Flex
or Lex cannot be found, but doesn't ensure that it's compatible with
Flex 2.5.31 or later. If you have an older version of Flex, or don't
have a compatible version of Lex, the current version of Flex is
available [here](https://github.com/westes/flex).
You will need either Bison, Berkeley YACC, or a version of YACC
compatible with them (if any exist), to build libpcap. The configure
script will abort if there isn't any such program. If you don't have
any such program, the current version of Bison can be found at
https://ftp.gnu.org/gnu/bison/ and the current version of Berkeley YACC
can be found at https://invisible-island.net/byacc/.
script will abort if there isn't any such program; CMake fails if Bison
or some form of YACC cannot be found, but doesn't ensure that it's
compatible with Bison or Berkeley YACC. If you don't have any such
program, the current version of Bison can be found
[here](https://ftp.gnu.org/gnu/bison/) and the current version of
Berkeley YACC can be found [here](https://invisible-island.net/byacc/).
Sometimes the stock C compiler does not interact well with Flex and
Bison. The list of problems includes undefined references for alloca.
Bison. The list of problems includes undefined references for alloca(3).
You can get around this by installing GCC.
If you use Solaris, there is a bug with bufmod(7) that is fixed in
Solaris 2.3.2 (aka SunOS 5.3.2). Setting a snapshot length with the
broken bufmod(7) results in data be truncated from the FRONT of the
packet instead of the end. The work around is to not set a snapshot
length but this results in performance problems since the entire packet
is copied to user space. If you must run an older version of Solaris,
there is a patch available from Sun; ask for bugid 1149065. After
installing the patch, use "setenv BUFMOD_FIXED" to enable use of
bufmod(7). However, we recommend you run a more current release of
Solaris.
## Linux specifics
On Linux, libpcap will not work if the kernel does not have the packet
socket option enabled; see [this file](doc/README.linux) for more
information.
## Solaris specifics
If you use the SPARCompiler, you must be careful to not use the
/usr/ucb/cc interface. If you do, you will get bogus warnings and
perhaps errors. Either make sure your path has /opt/SUNWspro/bin
before /usr/ucb or else:
`/usr/ucb/cc` interface. If you do, you will get bogus warnings and
perhaps errors. Either make sure your path has `/opt/SUNWspro/bin`
before `/usr/ucb` or else:
setenv CC /opt/SUNWspro/bin/cc
before running configure. (You might have to do a "make distclean"
if you already ran configure once).
before running configure. (You might have to do a `make distclean`
if you already ran `configure` once).
If you are trying to do packet capture with a FORE ATM card, you may or
may not be able to. They usually only release their driver in object
code so unless their driver supports packet capture, there's not much
libpcap can do.
If you get an error like:
tcpdump: recv_ack: bind error 0x???
when using DLPI, look for the DL_ERROR_ACK error return values, usually
in /usr/include/sys/dlpi.h, and find the corresponding value.
Under {DEC OSF/1, Digital UNIX, Tru64 UNIX}, packet capture must be
enabled before it can be used. For instructions on how to enable packet
filter support, see:
ftp://ftp.digital.com/pub/Digital/dec-faq/Digital-UNIX
Look for the "How do I configure the Berkeley Packet Filter and capture
tcpdump traces?" item.
Once you enable packet filter support, your OSF system will support bpf
natively.
Under Ultrix, packet capture must be enabled before it can be used. For
instructions on how to enable packet filter support, see:
ftp://ftp.digital.com/pub/Digital/dec-faq/ultrix
See [this file](doc/README.solaris.md) for more up to date
Solaris-related information.
## HP-UX specifics
If you use HP-UX, you must have at least version 9 and either the
version of cc that supports ANSI C (cc -Aa) or else use the GNU C
version of `cc` that supports C99 (`cc -AC99`) or else use the GNU C
compiler. You must also buy the optional streams package. If you don't
have:
@@ -113,10 +128,10 @@ need to install the "9.X LAN and DLPI drivers cumulative" patch
The DLPI streams package is standard starting with HP-UX 10.
The HP implementation of DLPI is a little bit eccentric. Unlike
Solaris, you must attach /dev/dlpi instead of the specific /dev/*
Solaris, you must attach `/dev/dlpi` instead of the specific `/dev/*`
network pseudo device entry in order to capture packets. The PPA is
based on the ifnet "index" number. Under HP-UX 9, it is necessary to
read /dev/kmem and the kernel symbol file (/hp-ux). Under HP-UX 10,
read `/dev/kmem` and the kernel symbol file (`/hp-ux`). Under HP-UX 10,
DLPI can provide information for determining the PPA. It does not seem
to be possible to trace the loopback interface. Unlike other DLPI
implementations, PHYS implies MULTI and SAP and you get an error if you
@@ -137,117 +152,34 @@ doing
echo 'lanc_outbound_promisc_flag/W 1' | adb -w /stand/vmunix /dev/mem
You would have to arrange that this happen on reboots; the right way to
You would have to arrange that this happens on reboots; the right way to
do that would probably be to put it into an executable script file
"/sbin/init.d/outbound_promisc" and making
"/sbin/rc2.d/S350outbound_promisc" a symbolic link to that script.
`/sbin/init.d/outbound_promisc` and making
`/sbin/rc2.d/S350outbound_promisc` a symbolic link to that script.
Finally, testing shows that there can't be more than one simultaneous
DLPI user per network interface.
If you use Linux, this version of libpcap is known to compile and run
under Red Hat 4.0 with the 2.0.25 kernel. It may work with earlier 2.X
versions but is guaranteed not to work with 1.X kernels. Running more
than one libpcap program at a time, on a system with a 2.0.X kernel, can
cause problems since promiscuous mode is implemented by twiddling the
interface flags from the libpcap application; the packet capture
mechanism in the 2.2 and later kernels doesn't have this problem. Also,
packet timestamps aren't very good. This appears to be due to haphazard
handling of the timestamp in the kernel.
See [this file](doc/README.hpux) for more information specific to HP-UX.
Note well: there is rumoured to be a version of tcpdump floating around
called 3.0.3 that includes libpcap and is supposed to support Linux.
You should be advised that neither the Network Research Group at LBNL
nor the Tcpdump Group ever generated a release with this version number.
The LBNL Network Research Group notes with interest that a standard
cracker trick to get people to install trojans is to distribute bogus
packages that have a version number higher than the current release.
They also noted with annoyance that 90% of the Linux related bug reports
they got are due to changes made to unofficial versions of their page.
If you are having trouble but aren't using a version that came from
tcpdump.org, please try that before submitting a bug report!
On Linux, libpcap will not work if the kernel does not have the packet
socket option enabled; see the README.linux file for information about
this.
If you use AIX, you may not be able to build libpcap from this release.
We do not have an AIX system in house so it's impossible for us to test
AIX patches submitted to us. We are told that you must link against
/lib/pse.exp, that you must use AIX cc or a GNU C compiler newer than
2.7.2, and that you may need to run strload before running a libpcap
application.
Read the README.aix file for information on installing libpcap and
## AIX specifics
See [this file](doc/README.aix) for information on installing libpcap and
configuring your system to be able to support libpcap.
If you use NeXTSTEP, you will not be able to build libpcap from this
release.
## other specifics
If you are trying to do packet capture with a FORE ATM card, you may or
may not be able to. They usually only release their driver in object
code so unless their driver supports packet capture, there's not much
libpcap can do.
If you use SINIX, you should be able to build libpcap from this
release. It is known to compile and run on SINIX-Y/N 5.42 with the C-DS
V1.0 or V1.1 compiler. But note that in some releases of SINIX, yacc
emits incorrect code; if grammar.y fails to compile, change every
occurrence of:
If you get an error like:
#ifdef YYDEBUG
tcpdump: recv_ack: bind error 0x???
to:
#if YYDEBUG
when using DLPI, look for the DL_ERROR_ACK error return values, usually
in `/usr/include/sys/dlpi.h`, and find the corresponding value.
Another workaround is to use flex and bison.
If you use SCO, you might have trouble building libpcap from this
release. We do not have a machine running SCO and have not had reports
of anyone successfully building on it; the current release of libpcap
does not compile on SCO OpenServer 5. Although SCO apparently supports
DLPI to some extent, the DLPI in OpenServer 5 is very non-standard, and
it appears that completely new code would need to be written to capture
network traffic. SCO do not appear to provide tcpdump binaries for
OpenServer 5 or OpenServer 6 as part of SCO Skunkware:
http://www.sco.com/skunkware/
If you use UnixWare, you might be able to build libpcap from this
release, or you might not. We do not have a machine running UnixWare,
so we have not tested it; however, SCO provide packages for libpcap
0.6.2 and tcpdump 3.7.1 in the UnixWare 7/Open UNIX 8 part of SCO
Skunkware, and the source package for libpcap 0.6.2 is not changed from
the libpcap 0.6.2 source release, so this release of libpcap might also
build without changes on UnixWare 7.
If linking tcpdump fails with "Undefined: _alloca" when using bison on
a Sun4, your version of Bison is broken. In any case version 1.16 or
higher is recommended (1.14 is known to cause problems 1.16 is known to
work). Either pick up a current version from:
https://ftp.gnu.org/gnu/bison/
or hack around it by inserting the lines:
#ifdef __GNUC__
#define alloca __builtin_alloca
#else
#ifdef sparc
#include <alloca.h>
#else
char *alloca ();
#endif
#endif
right after the (100 line!) GNU license comment in bison.simple, remove
grammar.[co] and fire up make again.
If you use SunOS 4, your kernel must support streams NIT. If you run a
libpcap program and it dies with:
/dev/nit: No such device
You must add streams NIT support to your kernel configuration, run
config and boot the new kernel.
FILES
-----
## Description of files
CHANGES - description of differences between releases
ChmodBPF/* - macOS startup item to set ownership and permissions on /dev/bpf*
CMakeLists.txt - CMake file
@@ -264,10 +196,9 @@ FILES
doc/README.macos - notes on using libpcap on macOS
doc/README.septel - notes on using libpcap to capture on Intel/Septel devices
doc/README.sita - notes on using libpcap to capture on SITA devices
doc/README.tru64 - notes on using libpcap on Digital/Tru64 UNIX
doc/README.solaris.md - notes on using libpcap on Solaris
doc/README.Win32.md - notes on using libpcap on Win32 systems (with Npcap)
VERSION - version of this release
acconfig.h - support for post-2.13 autoconf
aclocal.m4 - autoconf macros
arcnet.h - ARCNET definitions
atmuni31.h - ATM Q.2931 definitions
@@ -286,8 +217,8 @@ FILES
fad-getad.c - pcap_findalldevs() for systems with getifaddrs()
fad-gifc.c - pcap_findalldevs() for systems with only SIOCGIFLIST
fad-glifc.c - pcap_findalldevs() for systems with SIOCGLIFCONF
filtertest.c - test program for BPF compiler
findalldevstest.c - test program for pcap_findalldevs()
testprogs/filtertest.c - test program for BPF compiler
testprogs/findalldevstest.c - test program for pcap_findalldevs()
gencode.c - BPF code generation routines
gencode.h - BPF code generation definitions
grammar.y - filter string grammar
@@ -300,7 +231,6 @@ FILES
msdos/* - drivers for MS-DOS capture support
nametoaddr.c - hostname to address routines
nlpid.h - OSI network layer protocol identifier definitions
net - symlink to bpf/net
optimize.c - BPF optimization routines
pcap/bluetooth.h - public definition of DLT_BLUETOOTH_HCI_H4_WITH_PHDR header
pcap/bpf.h - BPF definitions
@@ -323,17 +253,14 @@ FILES
pcap-linux.c - Linux packet socket support
pcap-namedb.h - header for backwards compatibility
pcap-nit.c - SunOS Network Interface Tap support
pcap-nit.h - SunOS Network Interface Tap definitions
pcap-npf.c - Npcap capture support
pcap-null.c - dummy monitor support (allows offline use of libpcap)
pcap-pf.c - Ultrix and Digital/Tru64 UNIX Packet Filter support
pcap-pf.h - Ultrix and Digital/Tru64 UNIX Packet Filter definitions
pcap-septel.c - Intel/Septel device capture support
pcap-septel.h - Intel/Septel device capture support
pcap-sita.c - SITA device capture support
pcap-sita.h - SITA device capture support
pcap-sita.html - SITA device capture documentation
pcap-stdinc.h - includes and #defines for compiling on Win32 systems
pcap-snit.c - SunOS 4.x STREAMS-based Network Interface Tap support
pcap-snoop.c - IRIX Snoop network monitoring support
pcap-usb-linux.c - USB capture support for Linux
@@ -342,10 +269,9 @@ FILES
pcap.c - pcap utility routines
pcap.h - header for backwards compatibility
pcap_*.3pcap - manual entries for library functions
pcap-filter.4 - manual entry for filter syntax
pcap-linktype.4 - manual entry for link-layer header types
pcap-filter.manmisc.in - manual entry for filter syntax
pcap-linktype.manmisc.in - manual entry for link-layer header types
ppp.h - Point to Point Protocol definitions
savefile.c - offline support
scanner.l - filter string scanner
sunatmpos.h - definitions for SunATM capturing
Win32 - headers and routines for building on Win32 systems

111
libpcap/Makefile.in
View File

@@ -1,5 +1,5 @@
# Copyright (c) 1993, 1994, 1995, 1996
# The Regents of the University of California. All rights reserved.
# The Regents of the University of California. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that: (1) source code distributions
@@ -61,13 +61,12 @@ CROSSFLAGS=
CFLAGS = @CFLAGS@ ${CROSSFLAGS}
LDFLAGS = @LDFLAGS@ ${CROSSFLAGS}
DYEXT = @DYEXT@
V_RPATH_OPT = @V_RPATH_OPT@
RPATH = @RPATH@
DEPENDENCY_CFLAG = @DEPENDENCY_CFLAG@
PROG=libpcap
PTHREAD_LIBS=@PTHREAD_LIBS@
BUILD_RPCAPD=@BUILD_RPCAPD@
INSTALL_RPCAPD=@INSTALL_RPCAPD@
EXTRA_NETWORK_LIBS=@EXTRA_NETWORK_LIBS@
# Standard CFLAGS for building members of a shared library
FULL_CFLAGS = $(CCOPT) @V_LIB_CCOPT_FAT@ $(SHLIB_CCOPT) $(INCLS) $(DEFS) $(CFLAGS)
@@ -90,9 +89,9 @@ PLATFORM_CXX_SRC = @PLATFORM_CXX_SRC@
MODULE_C_SRC = @MODULE_C_SRC@
REMOTE_C_SRC = @REMOTE_C_SRC@
COMMON_C_SRC = pcap.c gencode.c optimize.c nametoaddr.c etherent.c \
fmtutils.c \
fmtutils.c pcap-util.c \
savefile.c sf-pcap.c sf-pcapng.c pcap-common.c \
bpf_image.c bpf_filter.c bpf_dump.c
pcap-usb-linux-common.c bpf_image.c bpf_filter.c bpf_dump.c
GENERATED_C_SRC = scanner.c grammar.c
LIBOBJS = @LIBOBJS@
@@ -112,21 +111,21 @@ PUBHDR = \
pcap.h \
pcap-bpf.h \
pcap-namedb.h \
pcap/bpf.h \
pcap/bluetooth.h \
pcap/bpf.h \
pcap/can_socketcan.h \
pcap/compiler-tests.h \
pcap/dlt.h \
pcap/funcattrs.h \
pcap/pcap-inttypes.h \
pcap/ipnet.h \
pcap/namedb.h \
pcap/nflog.h \
pcap/pcap-inttypes.h \
pcap/pcap.h \
pcap/sll.h \
pcap/socket.h \
pcap/vlan.h \
pcap/usb.h
pcap/usb.h \
pcap/vlan.h
HDR = $(PUBHDR) \
arcnet.h \
@@ -146,6 +145,9 @@ HDR = $(PUBHDR) \
pcap-int.h \
pcap-rpcap.h \
pcap-types.h \
pcap-usb-linux-common.h \
pcap-util.h \
pflog.h \
portability.h \
ppp.h \
rpcap-protocol.h \
@@ -160,8 +162,8 @@ GENHDR = \
TAGFILES = \
$(SRC) $(HDR)
CLEANFILES = $(OBJ) libpcap.a libpcap.so.`cat $(srcdir)/VERSION.txt` \
$(PROG)-`cat $(srcdir)/VERSION.txt`.tar.gz \
CLEANFILES = $(OBJ) libpcap.a libpcap.so.`cat $(srcdir)/VERSION` \
$(PROG)-`cat $(srcdir)/VERSION`.tar.gz \
lex.yy.c pcap-config libpcap.pc
MAN1 = pcap-config.1
@@ -249,16 +251,25 @@ EXTRA_DIST = \
Makefile.in \
Makefile-devel-adds \
README.md \
doc \
doc/README.Win32.md \
doc/README.aix \
doc/README.dag \
doc/README.hpux \
doc/README.linux \
doc/README.macos \
doc/README.septel \
doc/README.sita \
doc/README.solaris.md \
CONTRIBUTING.md \
TODO \
VERSION.txt \
VERSION \
aclocal.m4 \
charconv.c \
charconv.h \
chmod_bpf \
cmake_uninstall.cmake.in \
cmakeconfig.h.in \
cmake/Modules/FindAirPcap.cmake \
cmake/Modules/FindDAG.cmake \
cmake/Modules/Finddpdk.cmake \
cmake/Modules/FindFseeko.cmake \
@@ -399,6 +410,7 @@ EXTRA_DIST = \
testprogs/fuzz/fuzz_pcap.c \
testprogs/fuzz/fuzz_pcap.options \
testprogs/fuzz/onefile.c \
testprogs/nonblocktest.c \
testprogs/opentest.c \
testprogs/reactivatetest.c \
testprogs/selpolltest.c \
@@ -406,11 +418,13 @@ EXTRA_DIST = \
testprogs/unix.h \
testprogs/valgrindtest.c \
testprogs/visopts.py \
testprogs/writecaptest.c \
tests/shb-option-too-long.pcapng \
Win32/Prj/wpcap.sln \
Win32/Prj/wpcap.vcxproj \
Win32/Prj/wpcap.vcxproj.filters
testprogs/writecaptest.c
TEST_DIST = `git ls-files tests | grep -v 'tests/\..*'`
RELEASE_FILES = $(COMMON_C_SRC) $(HDR) $(MAN1) $(MAN3PCAP_EXPAND) \
$(MAN3PCAP_NOEXPAND) $(MANFILE) $(MANMISC) $(EXTRA_DIST) \
$(TEST_DIST)
all: libpcap.a shared $(BUILD_RPCAPD) libpcap.pc pcap-config
@@ -432,8 +446,8 @@ shared: libpcap.$(DYEXT)
libpcap.so: $(OBJ)
@rm -f $@
VER=`cat $(srcdir)/VERSION.txt`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
VER=`cat $(srcdir)/VERSION`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
@V_SHLIB_CMD@ $(LDFLAGS) @V_SHLIB_OPT@ @V_SONAME_OPT@$@.$$MAJOR_VER \
-o $@.$$VER $(OBJ) $(ADDLOBJS) $(LIBS)
@@ -448,17 +462,17 @@ libpcap.so: $(OBJ)
# but not in the older version.
#
# We also use "A" as the major version, and 1 as the compatibility version,
# but set the current version to the value in VERSION.txt, with any non-numeric
# but set the current version to the value in VERSION, with any non-numeric
# stuff stripped off (the compatibility and current version must be of the
# form X[.Y[.Z]], with Y and Z possibly absent, and with all components
# numeric).
#
libpcap.dylib: $(OBJ)
rm -f libpcap*.dylib
VER=`cat $(srcdir)/VERSION.txt`; \
VER=`cat $(srcdir)/VERSION`; \
MAJOR_VER=A; \
COMPAT_VER=1; \
CURRENT_VER=`sed 's/[^0-9.].*$$//' $(srcdir)/VERSION.txt`; \
CURRENT_VER=`sed 's/[^0-9.].*$$//' $(srcdir)/VERSION`; \
$(CC) -dynamiclib -undefined error $(LDFLAGS) @V_LIB_LDFLAGS_FAT@ \
-o libpcap.$$VER.dylib $(OBJ) $(ADDLOBJS) $(LIBS) \
-install_name $(libdir)/libpcap.$$MAJOR_VER.dylib \
@@ -478,9 +492,9 @@ libpcap.dylib: $(OBJ)
# linker, even with GCC.
#
libpcap.sl: $(OBJ)
@MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
@MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
rm -f libpcap.$$MAJOR_VER
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
ld -b $(LDFLAGS) -o libpcap.$$MAJOR_VER +h libpcap.$$MAJOR_VER \
$(OBJ) $(ADDLOBJS) $(LIBS)
@@ -671,15 +685,15 @@ install-shared: install-shared-$(DYEXT)
install-shared-so: libpcap.so
[ -d $(DESTDIR)$(libdir) ] || \
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
VER=`cat $(srcdir)/VERSION.txt`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
VER=`cat $(srcdir)/VERSION`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
$(INSTALL_PROGRAM) libpcap.so.$$VER $(DESTDIR)$(libdir)/libpcap.so.$$VER; \
ln -sf libpcap.so.$$VER $(DESTDIR)$(libdir)/libpcap.so.$$MAJOR_VER; \
ln -sf libpcap.so.$$MAJOR_VER $(DESTDIR)$(libdir)/libpcap.so
install-shared-dylib: libpcap.dylib
[ -d $(DESTDIR)$(libdir) ] || \
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
VER=`cat $(srcdir)/VERSION.txt`; \
VER=`cat $(srcdir)/VERSION`; \
MAJOR_VER=A; \
$(INSTALL_PROGRAM) libpcap.$$VER.dylib $(DESTDIR)$(libdir)/libpcap.$$VER.dylib; \
ln -sf libpcap.$$VER.dylib $(DESTDIR)$(libdir)/libpcap.$$MAJOR_VER.dylib; \
@@ -687,7 +701,7 @@ install-shared-dylib: libpcap.dylib
install-shared-sl: libpcap.sl
[ -d $(DESTDIR)$(libdir) ] || \
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
$(INSTALL_PROGRAM) libpcap.$$MAJOR_VER $(DESTDIR)$(libdir)
ln -sf libpcap.$$MAJOR_VER $(DESTDIR)$(libdir)/libpcap.sl
install-shared-shareda: libpcap.shareda
@@ -754,19 +768,19 @@ uninstall: uninstall-shared uninstall-rpcapd
uninstall-shared: uninstall-shared-$(DYEXT)
uninstall-shared-so:
VER=`cat $(srcdir)/VERSION.txt`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
VER=`cat $(srcdir)/VERSION`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
rm -f $(DESTDIR)$(libdir)/libpcap.so.$$VER; \
rm -f $(DESTDIR)$(libdir)/libpcap.so.$$MAJOR_VER; \
rm -f $(DESTDIR)$(libdir)/libpcap.so
uninstall-shared-dylib:
VER=`cat $(srcdir)/VERSION.txt`; \
VER=`cat $(srcdir)/VERSION`; \
MAJOR_VER=A; \
rm -f $(DESTDIR)$(libdir)/libpcap.$$VER.dylib; \
rm -f $(DESTDIR)$(libdir)/libpcap.$$MAJOR_VER.dylib; \
rm -f $(DESTDIR)$(libdir)/libpcap.dylib
uninstall-shared-sl:
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION.txt`; \
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
rm -f $(DESTDIR)$(libdir)/libpcap.$$MAJOR_VER; \
rm -f $(DESTDIR)$(libdir)/libpcap.sl
uninstall-shared-shareda:
@@ -781,8 +795,8 @@ clean:
distclean: clean
rm -f Makefile grammar.y config.cache config.log config.status \
config.h gnuc.h net os-proto.h libpcap.pc \
pcap-config stamp-h stamp-h.in
config.h config.h.in~ configure~ configure.ac~ \
net os-proto.h libpcap.pc pcap-config stamp-h stamp-h.in
rm -f $(MAN3PCAP_EXPAND:.in=) $(MANFILE:.in=) $(MANMISC:.in=)
rm -rf autom4te.cache
@@ -793,24 +807,19 @@ tags: $(TAGFILES)
ctags -wtd $(TAGFILES)
releasetar:
@autoreconf -f; \
name=$(PROG)-`cat VERSION.txt` ; \
mkdir $$name; \
tar -c --exclude='*~' -f - $(COMMON_C_SRC) $(HDR) $(MAN1) \
$(MAN3PCAP_EXPAND) $(MAN3PCAP_NOEXPAND) $(MANFILE) \
$(MANMISC) $(EXTRA_DIST) | \
(cd $$name; tar xf -); \
tar -c -z -f $$name.tar.gz $$name; \
rm -rf $$name
rc1 rc2 rc3 rc4 rc5:
@VER=`cat $(srcdir)/VERSION.txt`; \
sed -i "s/$$VER/$${VER}$@/" VERSION.txt ; \
make releasetar; \
git checkout VERSION.txt configure
@TAG=$(PROG)-`cat VERSION` && \
if git show-ref --tags --quiet --verify -- "refs/tags/$$TAG"; then \
git archive --prefix="$$TAG"/ -o "$$TAG".tar.gz "$$TAG" \
$(RELEASE_FILES) && \
echo "Archive build from tag $$TAG."; \
else \
git archive --prefix="$$TAG"/ -o "$$TAG".tar.gz HEAD \
$(RELEASE_FILES) && \
echo "No $$TAG tag. Archive build from HEAD."; \
fi
depend: $(GENERATED_C_SRC) $(GENHDR)
$(MKDEP) -c "$(CC)" -m "$(DEPENDENCY_CFLAG)" -s "$(srcdir)" $(CFLAGS) $(DEFS) $(INCLS) $(SRC)
shellcheck:
shellcheck -f gcc build.sh build_matrix.sh
shellcheck -f gcc -e SC2006 build.sh build_matrix.sh build_common.sh

34
libpcap/NMAP_MODIFICATIONS/0001-Don-t-autogenerate-Lex-Yacc-files.patch
View File

@@ -1,5 +1,5 @@
--- libpcap-1.10.1/Makefile.in 2021-06-07 20:21:35.000000000 +0000
+++ libpcap/Makefile.in 2022-08-31 18:00:55.284383667 +0000
--- a/libpcap/Makefile.in 2021-06-07 20:21:35.000000000 +0000
+++ b/libpcap/Makefile.in 2022-08-31 18:00:55.284383667 +0000
@@ -78,9 +78,6 @@
INSTALL_DATA = @INSTALL_DATA@
RANLIB = @RANLIB@
@@ -67,9 +67,9 @@
grammar.o: grammar.c scanner.h
$(CC) $(FULL_CFLAGS) -c grammar.c
--- libpcap-1.10.1/configure.ac 2021-06-07 20:21:35.000000000 +0000
+++ libpcap/configure.ac 2022-08-31 18:02:07.017322554 +0000
@@ -1716,106 +1716,6 @@
--- a/libpcap/configure.ac 2021-06-07 20:21:35.000000000 +0000
+++ b/libpcap/configure.ac 2022-08-31 18:02:07.017322554 +0000
@@ -1716,112 +1716,6 @@
AC_MSG_RESULT(${enable_yydebug-no})
#
@@ -92,7 +92,13 @@
- fi)
-if test $tcpdump_cv_capable_lex = insufficient ; then
- AC_MSG_ERROR([$LEX is insufficient to compile libpcap.
- libpcap requires Flex 2.5.31 or later, or a compatible version of lex.])
- libpcap requires Flex 2.5.31 or later, or a compatible version of lex.
- If a suitable version of Lex/Flex is available as a non-standard command
- and/or not in the PATH, you can specify it using the LEX environment
- variable. That said, on some systems the error can mean that Flex/Lex is
- actually acceptable, but m4 is not. Likewise, if a suitable version of
- m4 (such as GNU M4) is available but has not been detected, you can
- specify it using the M4 environment variable.])
-fi
-
-#
@@ -150,7 +156,7 @@
- tcpdump_cv_capable_yacc=insufficient
- fi)
- if test $tcpdump_cv_capable_yacc = insufficient ; then
- AC_MSG_ERROR([$YACC is insufficient to compile libpcap.
- AC_MSG_ERROR([$BISON_BYACC is insufficient to compile libpcap.
- libpcap requires Bison, a newer version of Berkeley YACC with support
- for reentrant parsers, or another YACC compatible with them.])
- fi
@@ -176,17 +182,3 @@
# Do various checks for various OSes and versions of those OSes.
#
# Assume, by default, no support for shared libraries and V7/BSD
@@ -2237,13 +2137,11 @@
AC_SUBST(V_PROG_LDFLAGS_FAT)
AC_SUBST(V_DEFS)
AC_SUBST(V_INCLS)
-AC_SUBST(V_LEX)
AC_SUBST(V_SHLIB_CCOPT)
AC_SUBST(V_SHLIB_CMD)
AC_SUBST(V_SHLIB_OPT)
AC_SUBST(V_SONAME_OPT)
AC_SUBST(V_RPATH_OPT)
-AC_SUBST(V_YACC)
AC_SUBST(ADDLOBJS)
AC_SUBST(ADDLARCHIVEOBJS)
AC_SUBST(PLATFORM_C_SRC)

36
libpcap/NMAP_MODIFICATIONS/0002-Disable-unnecessary-features.patch
View File

@@ -6,22 +6,22 @@ index eba2723..6255f07 100644
# let's drop support for older versions of libnl, too.
#
AC_ARG_WITH(libnl,
- AC_HELP_STRING([--without-libnl],[disable libnl support @<:@default=yes, on Linux, if present@:>@]),
+ AC_HELP_STRING([--without-libnl],[disable libnl support @<:@default=disabled@:>@]),
- AS_HELP_STRING([--without-libnl],[disable libnl support @<:@default=yes, on Linux, if present@:>@]),
+ AS_HELP_STRING([--without-libnl],[disable libnl support @<:@default=disabled@:>@]),
with_libnl=$withval,with_libnl=if_available)
- if test x$with_libnl != xno ; then
+ if test x$with_libnl = xyes ; then
if test "x$PKGCONFIG" != "xno"; then
#
# We have pkg-config; see if we have libnl-genl-3.0
#
# Check for libnl-genl-3.0 with pkg-config.
#
@@ -2183,8 +2083,8 @@
esac
AC_SUBST(MAN_ADMIN_COMMANDS)
AC_ARG_ENABLE(shared,
-AC_HELP_STRING([--enable-shared],[build shared libraries @<:@default=yes, if support available@:>@]))
-AS_HELP_STRING([--enable-shared],[build shared libraries @<:@default=yes, if support available@:>@]))
-test "x$enable_shared" = "xno" && DYEXT="none"
+AC_HELP_STRING([--enable-shared],[build shared libraries @<:@default=no@:>@]))
+AS_HELP_STRING([--enable-shared],[build shared libraries @<:@default=no@:>@]))
+test "x$enable_shared" != "xyes" && DYEXT="none"
AC_PROG_RANLIB
@@ -30,8 +30,8 @@ index eba2723..6255f07 100644
# Various Linux-specific mechanisms.
#
AC_ARG_ENABLE([usb],
-[AC_HELP_STRING([--enable-usb],[enable Linux usbmon USB capture support @<:@default=yes, if support available@:>@])],
+[AC_HELP_STRING([--enable-usb],[enable USB capture support @<:@default=no@:>@])],
-[AS_HELP_STRING([--enable-usb],[enable Linux usbmon USB capture support @<:@default=yes, if support available@:>@])],
+[AS_HELP_STRING([--enable-usb],[enable USB capture support @<:@default=no@:>@])],
[],
- [enable_usb=yes])
+ [enable_usb=no])
@@ -42,8 +42,8 @@ index eba2723..6255f07 100644
AC_SUBST(PCAP_SUPPORT_DPDK)
AC_ARG_ENABLE([bluetooth],
-[AC_HELP_STRING([--enable-bluetooth],[enable Bluetooth support @<:@default=yes, if support available@:>@])],
+[AC_HELP_STRING([--enable-bluetooth],[enable Bluetooth support @<:@default=no@:>@])],
-[AS_HELP_STRING([--enable-bluetooth],[enable Bluetooth support @<:@default=yes, if support available@:>@])],
+[AS_HELP_STRING([--enable-bluetooth],[enable Bluetooth support @<:@default=no@:>@])],
[],
- [enable_bluetooth=ifsupportavailable])
+ [enable_bluetooth=no])
@@ -54,8 +54,8 @@ index eba2723..6255f07 100644
fi
AC_ARG_ENABLE([dbus],
-[AC_HELP_STRING([--enable-dbus],[enable D-Bus capture support @<:@default=yes, if support available@:>@])],
+[AC_HELP_STRING([--enable-dbus],[enable D-Bus capture support @<:@default=no@:>@])],
-[AS_HELP_STRING([--enable-dbus],[enable D-Bus capture support @<:@default=yes, if support available@:>@])],
+[AS_HELP_STRING([--enable-dbus],[enable D-Bus capture support @<:@default=no@:>@])],
[],
- [enable_dbus=ifavailable])
+ [enable_dbus=no])
@@ -70,8 +70,8 @@ index eba2723..6255f07 100644
- testprogs/Makefile)
+ )
exit 0
--- libpcap-1.10.1/Makefile.in 2021-06-07 20:21:35.000000000 +0000
+++ libpcap/Makefile.in 2022-08-31 18:00:55.284383667 +0000
--- a/libpcap/Makefile.in 2021-06-07 20:21:35.000000000 +0000
+++ b/libpcap/Makefile.in 2022-08-31 18:00:55.284383667 +0000
@@ -790,8 +778,6 @@
clean:
@@ -82,7 +82,7 @@ index eba2723..6255f07 100644
distclean: clean
rm -f Makefile grammar.y config.cache config.log config.status \
@@ -799,8 +785,6 @@
pcap-config stamp-h stamp-h.in
net os-proto.h libpcap.pc pcap-config stamp-h stamp-h.in
rm -f $(MAN3PCAP_EXPAND:.in=) $(MANFILE:.in=) $(MANMISC:.in=)
rm -rf autom4te.cache
- (cd rpcapd; $(MAKE) distclean)
@@ -98,4 +98,4 @@ index eba2723..6255f07 100644
- (cd testprogs; $(MAKE) depend)
shellcheck:
shellcheck -f gcc build.sh build_matrix.sh
shellcheck -f gcc -e SC2006 build.sh build_matrix.sh build_common.sh

2
libpcap/NMAP_MODIFICATIONS/HOWTO-UPGRADE
View File

@@ -8,7 +8,7 @@ tar xzvf libpcap-X.Y.tar.gz
cd nmap
rsync -rv --delete ~/libpcap-X.Y/ ~/nmap/libpcap/
# Remove some things we don't want to ship
rm -rf ~/nmap/libpcap/{rpcapd,testprogs,doc}
rm -rf ~/nmap/libpcap/{rpcapd,testprogs,doc,tests}
# Apply patch to avoid those dirs
git apply ~/NMAP_MODIFICATIONS/0002-Disable-unnecessary-features.patch
git add -A libpcap

12
libpcap/README.md
View File

@@ -24,7 +24,7 @@ to ease in porting and to alleviate the need for several
system-dependent packet capture modules in each application.
```text
formerly from Lawrence Berkeley National Laboratory
formerly from Lawrence Berkeley National Laboratory
Network Research Group <libpcap@ee.lbl.gov>
ftp://ftp.ee.lbl.gov/old/libpcap-0.4a7.tar.Z
```
@@ -52,12 +52,10 @@ would translate BPF filters into a filter program that is compatible
with the underlying kernel subsystem, but this is not yet implemented.
BPF is standard in 4.4BSD, BSD/OS, NetBSD, FreeBSD, OpenBSD, DragonFly
BSD, and macOS; an older, modified and undocumented version is standard
in AIX. {DEC OSF/1, Digital UNIX, Tru64 UNIX} uses the packetfilter
interface but has been extended to accept BPF filters (which libpcap
utilizes). Also, you can add BPF filter support to Ultrix using the
kernel source and/or object patches available
[here](https://www.tcpdump.org/other/bpfext42.tar.Z).
BSD, macOS, and Solaris 11; an older, modified and undocumented version
is standard in AIX. {DEC OSF/1, Digital UNIX, Tru64 UNIX} uses the
packetfilter interface but has been extended to accept BPF filters
(which libpcap utilizes).
Linux has a number of BPF based systems, and libpcap does not support
any of the eBPF mechanisms as yet, although it supports many of the

1
libpcap/VERSION Normal file
View File

@@ -0,0 +1 @@
1.10.4

1
libpcap/VERSION.txt
View File

@@ -1 +0,0 @@
1.10.1

28
libpcap/Win32/Prj/wpcap.sln
View File

@@ -1,28 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.40629.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wpcap", "wpcap.vcxproj", "{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Win32 = Debug|Win32
Debug|x64 = Debug|x64
Release|Win32 = Release|Win32
Release|x64 = Release|x64
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Debug|Win32.ActiveCfg = Debug|Win32
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Debug|Win32.Build.0 = Debug|Win32
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Debug|x64.ActiveCfg = Debug|x64
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Debug|x64.Build.0 = Debug|x64
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Release|Win32.ActiveCfg = Release|Win32
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Release|Win32.Build.0 = Release|Win32
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Release|x64.ActiveCfg = Release|x64
{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}.Release|x64.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

233
libpcap/Win32/Prj/wpcap.vcxproj
View File

@@ -1,233 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<SccProjectName />
<SccLocalPath />
<ProjectGuid>{8E92D840-6A36-452A-A13C-6E1BA5A2C5A9}</ProjectGuid>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<PlatformToolset>v120</PlatformToolset>
<UseOfMfc>false</UseOfMfc>
<CharacterSet>MultiByte</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<PlatformToolset>v120</PlatformToolset>
<UseOfMfc>false</UseOfMfc>
<CharacterSet>MultiByte</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<PlatformToolset>v120</PlatformToolset>
<UseOfMfc>false</UseOfMfc>
<CharacterSet>MultiByte</CharacterSet>
<WholeProgramOptimization>true</WholeProgramOptimization>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<PlatformToolset>v120</PlatformToolset>
<UseOfMfc>false</UseOfMfc>
<CharacterSet>MultiByte</CharacterSet>
<WholeProgramOptimization>true</WholeProgramOptimization>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="$(VCTargetsPath)Microsoft.Cpp.UpgradeFromVC60.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="$(VCTargetsPath)Microsoft.Cpp.UpgradeFromVC60.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="$(VCTargetsPath)Microsoft.Cpp.UpgradeFromVC60.props" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
<Import Project="$(VCTargetsPath)Microsoft.Cpp.UpgradeFromVC60.props" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<OutDir>.\Release\</OutDir>
<IntDir>.\Release\</IntDir>
<LinkIncremental>false</LinkIncremental>
<IncludePath>../../../;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>../../../;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<OutDir>.\Debug\</OutDir>
<IntDir>.\Debug\</IntDir>
<LinkIncremental>true</LinkIncremental>
<IncludePath>../../../;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>../../../;$(IncludePath)</IncludePath>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<InlineFunctionExpansion>Default</InlineFunctionExpansion>
<StringPooling>true</StringPooling>
<FunctionLevelLinking>true</FunctionLevelLinking>
<Optimization>MaxSpeed</Optimization>
<SuppressStartupBanner>true</SuppressStartupBanner>
<WarningLevel>Level3</WarningLevel>
<AdditionalIncludeDirectories>../../;../../lbl/;../../bpf/;../include/;../../../../common;../../../../dag/include;../../../../dag/drv/windows;../../../Win32-Extensions;./;Win32-Extensions;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>HAVE_VERSION_H;__STDC_VERSION__=199901L;HAVE_PACKET_IS_LOOPBACK_ADAPTER;NDEBUG;YY_NEVER_INTERACTIVE;_USRDLL;pcap_EXPORTS;HAVE_STRERROR;__STDC__;INET6;_WINDOWS;ENABLE_REMOTE;WIN32;_U_=;YY_NO_UNISTD_H;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<ResourceCompile>
<Culture>0x0409</Culture>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ResourceCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\..\..\packetWin7\Dll\Project\Release No NetMon and AirPcap\Packet.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
<PreBuildEvent>
<Command>call ..\..\GenVersion.bat ..\..\VERSION ..\..\pcap_version.h.in ..\..\pcap_version.h
win_flex -Ppcap_ -7 --outfile=..\..\scanner.c --header-file=..\..\scanner.h ..\..\scanner.l
win_bison -ppcap_ --yacc --output=..\..\grammar.c --defines ..\..\grammar.y</Command>
</PreBuildEvent>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<InlineFunctionExpansion>Default</InlineFunctionExpansion>
<StringPooling>true</StringPooling>
<FunctionLevelLinking>true</FunctionLevelLinking>
<Optimization>MaxSpeed</Optimization>
<SuppressStartupBanner>true</SuppressStartupBanner>
<WarningLevel>Level3</WarningLevel>
<AdditionalIncludeDirectories>../../;../../lbl/;../../bpf/;../include/;../../../../common;../../../../dag/include;../../../../dag/drv/windows;../../../Win32-Extensions;./;Win32-Extensions;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>HAVE_VERSION_H;__STDC_VERSION__=199901L;HAVE_PACKET_IS_LOOPBACK_ADAPTER;NDEBUG;YY_NEVER_INTERACTIVE;_USRDLL;pcap_EXPORTS;HAVE_STRERROR;__STDC__;INET6;_WINDOWS;ENABLE_REMOTE;WIN32;_U_=;YY_NO_UNISTD_H;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<ResourceCompile>
<Culture>0x0409</Culture>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ResourceCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\..\..\packetWin7\Dll\Project\x64\Release No NetMon and AirPcap\Packet.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
<PreBuildEvent>
<Command>call ..\..\GenVersion.bat ..\..\VERSION ..\..\pcap_version.h.in ..\..\pcap_version.h
win_flex -Ppcap_ -7 --outfile=..\..\scanner.c --header-file=..\..\scanner.h ..\..\scanner.l
win_bison -ppcap_ --yacc --output=..\..\grammar.c --defines ..\..\grammar.y</Command>
</PreBuildEvent>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
<InlineFunctionExpansion>Default</InlineFunctionExpansion>
<FunctionLevelLinking>false</FunctionLevelLinking>
<Optimization>Disabled</Optimization>
<SuppressStartupBanner>true</SuppressStartupBanner>
<WarningLevel>Level3</WarningLevel>
<MinimalRebuild>true</MinimalRebuild>
<DebugInformationFormat>EditAndContinue</DebugInformationFormat>
<AdditionalIncludeDirectories>../../;../../lbl/;../../bpf/;../include/;../../../../common;../../../../dag/include;../../../../dag/drv/windows;../../../Win32-Extensions;./;Win32-Extensions;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>HAVE_VERSION_H;__STDC_VERSION__=199901L;HAVE_PACKET_IS_LOOPBACK_ADAPTER;_DEBUG;YY_NEVER_INTERACTIVE;_USRDLL;pcap_EXPORTS;HAVE_STRERROR;__STDC__;INET6;_WINDOWS;ENABLE_REMOTE;WIN32;_U_=;YY_NO_UNISTD_H;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
</ClCompile>
<ResourceCompile>
<Culture>0x0409</Culture>
<PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ResourceCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\..\..\packetWin7\Dll\Project\Release No NetMon and AirPcap\Packet.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
<PreBuildEvent>
<Command>call ..\..\GenVersion.bat ..\..\VERSION ..\..\pcap_version.h.in ..\..\pcap_version.h
win_flex -Ppcap_ -7 --outfile=..\..\scanner.c --header-file=..\..\scanner.h ..\..\scanner.l
win_bison -ppcap_ --yacc --output=..\..\grammar.c --defines ..\..\grammar.y</Command>
</PreBuildEvent>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
<InlineFunctionExpansion>Default</InlineFunctionExpansion>
<FunctionLevelLinking>false</FunctionLevelLinking>
<Optimization>Disabled</Optimization>
<SuppressStartupBanner>true</SuppressStartupBanner>
<WarningLevel>Level3</WarningLevel>
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
<AdditionalIncludeDirectories>../../;../../lbl/;../../bpf/;../include/;../../../../common;../../../../dag/include;../../../../dag/drv/windows;../../../Win32-Extensions;./;Win32-Extensions;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>HAVE_VERSION_H;__STDC_VERSION__=199901L;HAVE_PACKET_IS_LOOPBACK_ADAPTER;_DEBUG;YY_NEVER_INTERACTIVE;_USRDLL;pcap_EXPORTS;HAVE_STRERROR;__STDC__;INET6;_WINDOWS;ENABLE_REMOTE;WIN32;_U_=;YY_NO_UNISTD_H;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
</ClCompile>
<ResourceCompile>
<Culture>0x0409</Culture>
<PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ResourceCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;..\..\..\..\packetWin7\Dll\Project\x64\Release No NetMon and AirPcap\Packet.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
<PreBuildEvent>
<Command>call ..\..\GenVersion.bat ..\..\VERSION ..\..\pcap_version.h.in ..\..\pcap_version.h
win_flex -Ppcap_ -7 --outfile=..\..\scanner.c --header-file=..\..\scanner.h ..\..\scanner.l
win_bison -ppcap_ --yacc --output=..\..\grammar.c --defines ..\..\grammar.y</Command>
</PreBuildEvent>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="..\..\bpf\net\bpf_filter.c" />
<ClCompile Include="..\..\bpf_dump.c" />
<ClCompile Include="..\..\bpf_image.c" />
<ClCompile Include="..\..\etherent.c" />
<ClCompile Include="..\..\gencode.c" />
<ClCompile Include="..\..\grammar.c" />
<ClCompile Include="..\..\inet.c" />
<ClCompile Include="..\..\missing\win_snprintf.c" />
<ClCompile Include="..\..\nametoaddr.c" />
<ClCompile Include="..\..\optimize.c" />
<ClCompile Include="..\..\pcap-common.c" />
<ClCompile Include="..\..\pcap-new.c" />
<ClCompile Include="..\..\pcap-rpcap.c" />
<ClCompile Include="..\..\pcap-win32.c" />
<ClCompile Include="..\..\pcap.c" />
<ClCompile Include="..\..\savefile.c" />
<ClCompile Include="..\..\scanner.c" />
<ClCompile Include="..\..\sf-pcapng.c" />
<ClCompile Include="..\..\sf-pcap.c" />
<ClCompile Include="..\..\sockutils.c" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="..\..\pcap-common.h" />
<ClInclude Include="..\..\pcap-int.h" />
<ClInclude Include="..\..\pcap-rpcap.h" />
<ClInclude Include="..\..\pcap-stdinc.h" />
<ClInclude Include="..\..\pcap.h" />
<ClInclude Include="..\..\remote-ext.h" />
<ClInclude Include="..\..\sockutils.h" />
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\..\Win32-Extensions\version.rc" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

107
libpcap/Win32/Prj/wpcap.vcxproj.filters
View File

@@ -1,107 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="https://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<ClCompile Include="..\..\bpf_dump.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\bpf\net\bpf_filter.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\bpf_image.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\etherent.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\gencode.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\grammar.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\inet.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\nametoaddr.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\optimize.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\pcap.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\pcap-win32.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\savefile.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\scanner.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\sf-pcap.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\sf-pcapng.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\pcap-common.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\fad-helpers.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\missing\win_snprintf.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\pcap-new.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\pcap-rpcap.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\sockutils.c">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<Filter Include="Header Files">
<UniqueIdentifier>{c51dce5e-0da9-4e33-a235-d5c76c76485c}</UniqueIdentifier>
</Filter>
<Filter Include="Source Files">
<UniqueIdentifier>{5ec9fd4b-10b5-4527-b249-56b53d844fb1}</UniqueIdentifier>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{c90886f0-8973-436b-a7a1-b9e881544f9a}</UniqueIdentifier>
</Filter>
</ItemGroup>
<ItemGroup>
<ClInclude Include="..\..\pcap-stdinc.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\..\pcap-common.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\..\pcap.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\..\pcap-int.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\..\pcap-rpcap.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\..\remote-ext.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="..\..\sockutils.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="..\..\..\Win32-Extensions\version.rc">
<Filter>Resource Files</Filter>
</ResourceCompile>
</ItemGroup>
</Project>

281
libpcap/aclocal.m4 vendored
View File

@@ -232,34 +232,27 @@ AC_DEFUN(AC_LBL_C_INIT,
])
dnl
dnl Check whether, if you pass an unknown warning option to the
dnl compiler, it fails or just prints a warning message and succeeds.
dnl Set ac_lbl_unknown_warning_option_error to the appropriate flag
dnl to force an error if it would otherwise just print a warning message
dnl and succeed.
dnl Save the values of various variables that affect compilation and
dnl linking, and that we don't ourselves modify persistently; done
dnl before a test involving compiling or linking is done, so that we
dnl can restore those variables after the test is done.
dnl
AC_DEFUN(AC_LBL_CHECK_UNKNOWN_WARNING_OPTION_ERROR,
[
AC_MSG_CHECKING([whether the compiler fails when given an unknown warning option])
AC_DEFUN(AC_LBL_SAVE_CHECK_STATE,
[
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -Wxyzzy-this-will-never-succeed-xyzzy"
AC_TRY_COMPILE(
[],
[return 0],
[
AC_MSG_RESULT([no])
#
# We're assuming this is clang, where
# -Werror=unknown-warning-option is the appropriate
# option to force the compiler to fail.
#
ac_lbl_unknown_warning_option_error="-Werror=unknown-warning-option"
],
[
AC_MSG_RESULT([yes])
])
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
])
dnl
dnl Restore the values of variables saved by AC_LBL_SAVE_CHECK_STATE.
dnl
AC_DEFUN(AC_LBL_RESTORE_CHECK_STATE,
[
CFLAGS="$save_CFLAGS"
])
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
])
dnl
dnl Check whether the compiler option specified as the second argument
@@ -278,21 +271,35 @@ AC_DEFUN(AC_LBL_CHECK_COMPILER_OPT,
[
AC_MSG_CHECKING([whether the compiler supports the $2 option])
save_CFLAGS="$CFLAGS"
if expr "x$2" : "x-W.*" >/dev/null
then
CFLAGS="$CFLAGS $ac_lbl_unknown_warning_option_error $2"
elif expr "x$2" : "x-f.*" >/dev/null
then
CFLAGS="$CFLAGS -Werror $2"
elif expr "x$2" : "x-m.*" >/dev/null
then
CFLAGS="$CFLAGS -Werror $2"
else
CFLAGS="$CFLAGS $2"
fi
AC_TRY_COMPILE(
[],
[return 0],
CFLAGS="$CFLAGS $2"
#
# XXX - yes, this depends on the way AC_LANG_WERROR works,
# but no mechanism is provided to turn AC_LANG_WERROR on
# *and then turn it back off*, so that we *only* do it when
# testing compiler options - 15 years after somebody asked
# for it:
#
# https://autoconf.gnu.narkive.com/gTAVmfKD/how-to-cancel-flags-set-by-ac-lang-werror
#
save_ac_c_werror_flag="$ac_c_werror_flag"
ac_c_werror_flag=yes
#
# We use AC_LANG_SOURCE() so that we can control the complete
# content of the program being compiled. We do not, for example,
# want the default "int main()" that AC_LANG_PROGRAM() generates,
# as it will generate a warning with -Wold-style-definition, meaning
# that we would treat it as not working, as the test will fail if
# *any* error output, including a warning due to the flag we're
# testing, is generated; see
#
# https://www.postgresql.org/message-id/2192993.1591682589%40sss.pgh.pa.us
# https://www.postgresql.org/message-id/2192993.1591682589%40sss.pgh.pa.us
#
# This may, as per those two messages, be fixed in autoconf 2.70,
# but we only require 2.64 or newer for now.
#
AC_COMPILE_IFELSE(
[AC_LANG_SOURCE([[int main(void) { return 0; }]])],
[
AC_MSG_RESULT([yes])
can_add_to_cflags=yes
@@ -332,6 +339,7 @@ AC_DEFUN(AC_LBL_CHECK_COMPILER_OPT,
AC_MSG_RESULT([no])
CFLAGS="$save_CFLAGS"
])
ac_c_werror_flag="$save_ac_c_werror_flag"
])
dnl
@@ -460,7 +468,6 @@ dnl V_SHLIB_CCOPT (modified to build position-independent code)
dnl V_SHLIB_CMD
dnl V_SHLIB_OPT
dnl V_SONAME_OPT
dnl V_RPATH_OPT
dnl
AC_DEFUN(AC_LBL_SHLIBS_INIT,
[AC_PREREQ(2.50)
@@ -486,9 +493,10 @@ AC_DEFUN(AC_LBL_SHLIBS_INIT,
freebsd*|netbsd*|openbsd*|dragonfly*|linux*|osf*|haiku*|midipix*)
#
# Platforms where the linker is the GNU linker
# or accepts command-line arguments like
# those the GNU linker accepts.
# Platforms where the C compiler is GCC or accepts
# compatible command-line arguments, and the linker
# is the GNU linker or accepts compatible command-line
# arguments.
#
# Some instruction sets require -fPIC on some
# operating systems. Check for them. If you
@@ -509,7 +517,6 @@ AC_DEFUN(AC_LBL_SHLIBS_INIT,
esac
V_SHLIB_CCOPT="$V_SHLIB_CCOPT $PIC_OPT"
V_SONAME_OPT="-Wl,-soname,"
V_RPATH_OPT="-Wl,-rpath,"
;;
hpux*)
@@ -531,11 +538,12 @@ AC_DEFUN(AC_LBL_SHLIBS_INIT,
solaris*)
V_SHLIB_CCOPT="$V_SHLIB_CCOPT -fpic"
#
# XXX - this assumes GCC is using the Sun linker,
# rather than the GNU linker.
# Sun/Oracle's C compiler, GCC, and GCC-compatible
# compilers support -Wl,{comma-separated list of options},
# and we use the C compiler, not ld, for all linking,
# including linking to produce a shared library.
#
V_SONAME_OPT="-Wl,-h,"
V_RPATH_OPT="-Wl,-R,"
;;
esac
else
@@ -557,7 +565,7 @@ AC_DEFUN(AC_LBL_SHLIBS_INIT,
# "-Wl,-soname,{soname}" option, with the soname part
# of the option, while on other platforms the C compiler
# driver takes it as a regular option with the soname
# following the option. The same applies to V_RPATH_OPT.
# following the option.
#
case "$host_os" in
@@ -568,13 +576,17 @@ AC_DEFUN(AC_LBL_SHLIBS_INIT,
freebsd*|netbsd*|openbsd*|dragonfly*|linux*)
#
# "cc" is GCC.
# Platforms where the C compiler is GCC or accepts
# compatible command-line arguments, and the linker
# is the GNU linker or accepts compatible command-line
# arguments.
#
# XXX - does 64-bit SPARC require -fPIC?
#
V_SHLIB_CCOPT="$V_SHLIB_CCOPT -fpic"
V_SHLIB_CMD="\$(CC)"
V_SHLIB_OPT="-shared"
V_SONAME_OPT="-Wl,-soname,"
V_RPATH_OPT="-Wl,-rpath,"
;;
hpux*)
@@ -597,15 +609,19 @@ AC_DEFUN(AC_LBL_SHLIBS_INIT,
V_SHLIB_CMD="\$(CC)"
V_SHLIB_OPT="-shared"
V_SONAME_OPT="-soname "
V_RPATH_OPT="-rpath "
;;
solaris*)
V_SHLIB_CCOPT="$V_SHLIB_CCOPT -Kpic"
V_SHLIB_CMD="\$(CC)"
V_SHLIB_OPT="-G"
V_SONAME_OPT="-h "
V_RPATH_OPT="-R"
#
# Sun/Oracle's C compiler, GCC, and GCC-compatible
# compilers support -Wl,{comma-separated list of options},
# and we use the C compiler, not ld, for all linking,
# including linking to produce a shared library.
#
V_SONAME_OPT="-Wl,-h,"
;;
esac
fi
@@ -662,8 +678,6 @@ AC_DEFUN(AC_LBL_C_INLINE,
fi
AC_DEFINE_UNQUOTED(inline, $ac_cv_lbl_inline, [Define as token for inline if inlining supported])])
FFF
#
# Test whether we have __atomic_load_n() and __atomic_store_n().
#
@@ -819,7 +833,6 @@ AC_DEFUN(AC_LBL_DEVEL,
# Skip all the warning option stuff on some compilers.
#
if test "$ac_lbl_cc_dont_try_gcc_dashW" != yes; then
AC_LBL_CHECK_UNKNOWN_WARNING_OPTION_ERROR()
AC_LBL_CHECK_COMPILER_OPT($1, -W)
AC_LBL_CHECK_COMPILER_OPT($1, -Wall)
AC_LBL_CHECK_COMPILER_OPT($1, -Wcomma)
@@ -1000,19 +1013,23 @@ AC_DEFUN(AC_LBL_LIBRARY_NET, [
LIBS="-lsocket -lnsl $LIBS"
],
[
AC_CHECK_LIB(network, getaddrinfo,
[
#
# OK, we found it in libnetwork on Haiku.
#
LIBS="-lnetwork $LIBS"
],
[
#
# We didn't find it.
#
AC_MSG_ERROR([getaddrinfo is required, but wasn't found])
])
#
# Not found in libsocket; test for it in libnetwork, which
# is where it is in Haiku.
#
AC_CHECK_LIB(network, getaddrinfo,
[
#
# OK, we found it in libnetwork.
#
LIBS="-lnetwork $LIBS"
],
[
#
# We didn't find it.
#
AC_MSG_ERROR([getaddrinfo is required, but wasn't found])
])
], -lnsl)
#
@@ -1086,9 +1103,8 @@ dnl Since: 0.16
dnl
dnl Search for the pkg-config tool and set the PKG_CONFIG variable to
dnl first found in the path. Checks that the version of pkg-config found
dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is
dnl used since that's the first version where most current features of
dnl pkg-config existed.
dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.17.0 is
dnl used since that's the first version where --static was supported.
AC_DEFUN([PKG_PROG_PKG_CONFIG],
[m4_pattern_forbid([^_?PKG_[A-Z_]+$])
m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$])
@@ -1101,7 +1117,7 @@ if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
AC_PATH_TOOL([PKG_CONFIG], [pkg-config])
fi
if test -n "$PKG_CONFIG"; then
_pkg_min_version=m4_default([$1], [0.9.0])
_pkg_min_version=m4_default([$1], [0.17.0])
AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version])
if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
AC_MSG_RESULT([yes])
@@ -1118,13 +1134,8 @@ dnl Since: 0.18
dnl
dnl Check to see whether a particular set of modules exists. Similar to
dnl PKG_CHECK_MODULES(), but does not set variables or print errors.
dnl
dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
dnl only at the first occurrence in configure.ac, so if the first place
dnl it's called might be skipped (such as if it is within an "if", you
dnl have to call PKG_CHECK_EXISTS manually
AC_DEFUN([PKG_CHECK_EXISTS],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
[
if test -n "$PKG_CONFIG" && \
AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then
m4_default([$2], [:])
@@ -1132,7 +1143,7 @@ m4_ifvaln([$3], [else
$3])dnl
fi])
dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES])
dnl _PKG_CONFIG([VARIABLE], [FLAGS], [MODULES])
dnl ---------------------------------------------
dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting
dnl pkg_failed based on the result.
@@ -1141,7 +1152,7 @@ m4_define([_PKG_CONFIG],
pkg_cv_[]$1="$$1"
elif test -n "$PKG_CONFIG"; then
PKG_CHECK_EXISTS([$3],
[pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`
[pkg_cv_[]$1=`$PKG_CONFIG $2 "$3" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes ],
[pkg_failed=yes])
else
@@ -1153,7 +1164,7 @@ dnl _PKG_SHORT_ERRORS_SUPPORTED
dnl ---------------------------
dnl Internal check to see if pkg-config supports short errors.
AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])
[
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
_pkg_short_errors_supported=yes
else
@@ -1166,37 +1177,44 @@ dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
dnl [ACTION-IF-NOT-FOUND])
dnl --------------------------------------------------------------
dnl Since: 0.4.0
dnl
dnl Note that if there is a possibility the first call to
dnl PKG_CHECK_MODULES might not happen, you should be sure to include an
dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac
AC_DEFUN([PKG_CHECK_MODULES],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
[
AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $2, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS], [linker flags for $2, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS_STATIC], [static-link linker flags for $2, overriding pkg-config])dnl
pkg_failed=no
AC_MSG_CHECKING([for $1])
AC_MSG_CHECKING([for $2 with pkg-config])
PKG_CHECK_EXISTS($2,
[
#
# The package was found, so try to get its C flags and
# libraries.
#
_PKG_CONFIG([$1][_CFLAGS], [--cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [--libs], [$2])
_PKG_CONFIG([$1][_LIBS_STATIC], [--libs --static], [$2])
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS
m4_define([_PKG_TEXT], [
Alternatively, you may set the environment variables $1[]_CFLAGS
and $1[]_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.])
if test $pkg_failed = yes; then
AC_MSG_RESULT([no])
_PKG_SHORT_ERRORS_SUPPORTED
if test $_pkg_short_errors_supported = yes; then
$1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
else
$1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
if test $pkg_failed = yes; then
#
# That failed - report an error.
#
AC_MSG_RESULT([error])
_PKG_SHORT_ERRORS_SUPPORTED
if test $_pkg_short_errors_supported = yes; then
$1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
else
$1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
m4_default([$4], [AC_MSG_ERROR(
m4_default([$4], [AC_MSG_ERROR(
[Package requirements ($2) were not met:
$$1_PKG_ERRORS
@@ -1206,23 +1224,28 @@ installed software in a non-standard prefix.
_PKG_TEXT])[]dnl
])
elif test $pkg_failed = untried; then
AC_MSG_RESULT([no])
m4_default([$4], [AC_MSG_FAILURE(
[The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
_PKG_TEXT
To get pkg-config, see <https://pkg-config.freedesktop.org/>.])[]dnl
])
else
$1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
$1[]_LIBS=$pkg_cv_[]$1[]_LIBS
AC_MSG_RESULT([yes])
$3
fi[]dnl
elif test $pkg_failed = untried; then
#
# We don't have pkg-config, so it didn't work.
#
AC_MSG_RESULT([not found (pkg-config not found)])
else
#
# We found the package.
#
$1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
$1[]_LIBS=$pkg_cv_[]$1[]_LIBS
$1[]_LIBS_STATIC=$pkg_cv_[]$1[]_LIBS_STATIC
AC_MSG_RESULT([found])
$3
fi[]dnl
],
[
#
# The package isn't present.
#
AC_MSG_RESULT([not found])
])
])dnl PKG_CHECK_MODULES
@@ -1234,13 +1257,8 @@ dnl
dnl Checks for existence of MODULES and gathers its build flags with
dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags
dnl and VARIABLE-PREFIX_LIBS from --libs.
dnl
dnl Note that if there is a possibility the first call to
dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to
dnl include an explicit call to PKG_PROG_PKG_CONFIG in your
dnl configure.ac.
AC_DEFUN([PKG_CHECK_MODULES_STATIC],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
[
_save_PKG_CONFIG=$PKG_CONFIG
PKG_CONFIG="$PKG_CONFIG --static"
PKG_CHECK_MODULES($@)
@@ -1299,12 +1317,11 @@ dnl Since: 0.28
dnl
dnl Retrieves the value of the pkg-config variable for the given module.
AC_DEFUN([PKG_CHECK_VAR],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
[
AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl
_PKG_CONFIG([$1], [variable="][$3]["], [$2])
_PKG_CONFIG([$1], [--variable="][$3]["], [$2])
AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])dnl PKG_CHECK_VAR

1
libpcap/charconv.c
View File

@@ -34,6 +34,7 @@
#ifdef _WIN32
#include <stdio.h>
#include <errno.h>
#include <pcap/pcap.h> /* Needed for PCAP_ERRBUF_SIZE */

6
libpcap/charconv.h
View File

@@ -32,8 +32,8 @@
* SUCH DAMAGE.
*/
#ifndef charonv_h
#define charonv_h
#ifndef charconv_h
#define charconv_h
#ifdef _WIN32
extern wchar_t *cp_to_utf_16le(UINT codepage, const char *cp_string, DWORD flags);
@@ -41,4 +41,4 @@ extern char *utf_16le_to_cp(UINT codepage, const wchar_t *utf16le_string);
extern void utf_8_to_acp_truncated(char *);
#endif
#endif
#endif /* charconv_h */

69
libpcap/cmake/Modules/FindAirPcap.cmake Normal file
View File

@@ -0,0 +1,69 @@
#
# FindAirPcap
# ==========
#
# Find the AirPcap library and include files.
#
# This module defines the following variables:
#
# AirPcap_INCLUDE_DIR - absolute path to the directory containing airpcap.h.
#
# AirPcap_LIBRARY - relative or absolute path to the AirPcap library to
# link with. An absolute path is will be used if the
# AirPcap library is not located in the compiler's
# default search path.
# AirPcap_FOUND - TRUE if the AirPcap library *and* header are found.
#
# Hints and Backward Compatibility
# ================================
#
# To tell this module where to look, a user may set the environment variable
# AirPcap_ROOT to point cmake to the *root* of a directory with include and
# lib subdirectories for airpcap.dll (e.g Airpcap_Devpack).
# Alternatively, AirPcap_ROOT may also be set from the CMake command
# line or GUI (e.g cmake -DAirPcap_ROOT=C:\path\to\airpcap_sdk [...])
#
# The 64-bit airpcap.lib is located under /x64
if(CMAKE_SIZEOF_VOID_P EQUAL 8)
#
# For the WinPcap and Npcap SDKs, the Lib subdirectory of the top-level
# directory contains 32-bit libraries; the 64-bit libraries are in the
# Lib/x64 directory.
#
# The only way to *FORCE* CMake to look in the Lib/x64 directory
# without searching in the Lib directory first appears to be to set
# CMAKE_LIBRARY_ARCHITECTURE to "x64".
#
# In newer versions of CMake, CMAKE_LIBRARY_ARCHITECTURE is set according to
# the language, e.g., CMAKE_<LANG>_LIBRARY_ARCHITECTURE. So, set the new
# variable, CMAKE_C_LIBRARY_ARCHITECTURE, so that CMAKE_LIBRARY_ARCHITECTURE
# inherits the correct value.
#
set(CMAKE_C_LIBRARY_ARCHITECTURE "x64")
set(CMAKE_LIBRARY_ARCHITECTURE "x64")
endif()
# Find the header
find_path(AirPcap_INCLUDE_DIR airpcap.h
PATH_SUFFIXES include
)
# Find the library
find_library(AirPcap_LIBRARY
NAMES airpcap
)
# Set AirPcap_FOUND to TRUE if AirPcap_INCLUDE_DIR and AirPcap_LIBRARY are TRUE.
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(AirPcap
DEFAULT_MSG
AirPcap_INCLUDE_DIR
AirPcap_LIBRARY
)
mark_as_advanced(AirPcap_INCLUDE_DIR AirPcap_LIBRARY)
set(AirPcap_INCLUDE_DIRS ${AirPcap_INCLUDE_DIR})
set(AirPcap_LIBRARIES ${AirPcap_LIBRARY})

7
libpcap/cmake/Modules/FindDAG.cmake
View File

@@ -14,6 +14,12 @@ find_path(DAG_INCLUDE_DIR dagapi.h)
find_library(DAG_LIBRARY dag)
find_library(DAGCONF_LIBRARY dagconf)
#
# Get link information from the _LIBRARY paths.
#
get_link_info_from_library_path(DAG dag)
get_link_info_from_library_path(DAGCONF dagconf)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(DAG
DEFAULT_MSG
@@ -30,3 +36,4 @@ mark_as_advanced(
set(DAG_INCLUDE_DIRS ${DAG_INCLUDE_DIR})
set(DAG_LIBRARIES ${DAG_LIBRARY} ${DAGCONF_LIBRARY})
set(DAG_STATIC_LIBRARIES ${DAG_LIBRARY} ${DAGCONF_LIBRARY})

24
libpcap/cmake/Modules/FindPacket.cmake
View File

@@ -28,14 +28,14 @@
#
# This module defines the following variables:
#
# PACKET_INCLUDE_DIR - absolute path to the directory containing Packet32.h.
# Packet_INCLUDE_DIR - absolute path to the directory containing Packet32.h.
#
# PACKET_LIBRARY - relative or absolute path to the Packet library to
# Packet_LIBRARY - relative or absolute path to the Packet library to
# link with. An absolute path is will be used if the
# Packet library is not located in the compiler's
# default search path.
# PACKET_FOUND - TRUE if the Packet library *and* header are found.
# Packet_FOUND - TRUE if the Packet library *and* header are found.
#
# Hints and Backward Compatibility
# ================================
@@ -86,24 +86,24 @@ if(CMAKE_SIZEOF_VOID_P EQUAL 8)
endif()
# Find the header
find_path(PACKET_INCLUDE_DIR Packet32.h
find_path(Packet_INCLUDE_DIR Packet32.h
PATH_SUFFIXES include Include
)
# Find the library
find_library(PACKET_LIBRARY
find_library(Packet_LIBRARY
NAMES Packet packet
)
# Set PACKET_FOUND to TRUE if PACKET_INCLUDE_DIR and PACKET_LIBRARY are TRUE.
# Set Packet_FOUND to TRUE if Packet_INCLUDE_DIR and Packet_LIBRARY are TRUE.
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(PACKET
find_package_handle_standard_args(Packet
DEFAULT_MSG
PACKET_INCLUDE_DIR
PACKET_LIBRARY
Packet_INCLUDE_DIR
Packet_LIBRARY
)
mark_as_advanced(PACKET_INCLUDE_DIR PACKET_LIBRARY)
mark_as_advanced(Packet_INCLUDE_DIR Packet_LIBRARY)
set(PACKET_INCLUDE_DIRS ${PACKET_INCLUDE_DIR})
set(PACKET_LIBRARIES ${PACKET_LIBRARY})
set(Packet_INCLUDE_DIRS ${Packet_INCLUDE_DIR})
set(Packet_LIBRARIES ${Packet_LIBRARY})

6
libpcap/cmake/Modules/FindSNF.cmake
View File

@@ -8,6 +8,11 @@ find_path(SNF_INCLUDE_DIR snf.h /opt/snf)
# Try to find the library
find_library(SNF_LIBRARY snf /opt/snf)
#
# Get link information from the _LIBRARY paths.
#
get_link_info_from_library_path(SNF snf)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(SNF
DEFAULT_MSG
@@ -22,3 +27,4 @@ mark_as_advanced(
set(SNF_INCLUDE_DIRS ${SNF_INCLUDE_DIR})
set(SNF_LIBRARIES ${SNF_LIBRARY})
set(SNF_STATIC_LIBRARIES ${SNF_LIBRARY})

195
libpcap/cmake/Modules/Finddpdk.cmake
View File

@@ -5,89 +5,49 @@
# dpdk_FOUND
# dpdk_INCLUDE_DIRS
# dpdk_LIBRARIES
# dpdk_STATIC_LIBRARIES
# dpdk_LIBS_STATIC
# dpdk_REQUIRES_PRIVATE
# dpdk_PACKAGE_NAME
#
# We only try to find DPDK using pkg-config; DPDK is *SO*
# complicated - DPDK 19.02, for example, has about 117(!)
# libraries, and the precise set of libraries required has
# changed over time - so attempting to guess which libraries
# you need, and hardcoding that in an attempt to find the
# libraries without DPDK, rather than relying on DPDK to
# tell you, with a .pc file, what libraries are needed,
# is *EXTREMELY* fragile and has caused some bug reports,
# so we're just not going to do it.
#
# If that causes a problem, the only thing we will do is
# accept an alternative way of finding the appropriate
# library set for the installed version of DPDK that is
# as robust as pkg-config (i.e., it had better work as well
# as pkg-config with *ALL* versions of DPDK that provide a
# libdpdk.pc file).
#
# If dpdk_ROOT is set, add ${dpdk_ROOT}/pkgconfig
# to PKG_CONFIG_PATH, so we look for the .pc file there,
# first.
#
if(PKG_CONFIG_FOUND)
pkg_check_modules(dpdk QUIET libdpdk)
endif()
message(STATUS "Executing Finddpdk")
if(NOT dpdk_INCLUDE_DIRS)
message(STATUS "Executing find_path")
find_path(dpdk_config_INCLUDE_DIR rte_config.h
HINTS
ENV DPDK_DIR
PATH_SUFFIXES
dpdk
include
)
find_path(dpdk_common_INCLUDE_DIR rte_common.h
HINTS
ENV DPDK_DIR
PATH_SUFFIXES
dpdk
include
)
set(dpdk_INCLUDE_DIRS "${dpdk_config_INCLUDE_DIR}")
if(NOT dpdk_config_INCLUDE_DIR STREQUAL dpdk_common_INCLUDE_DIR)
list(APPEND dpdk_INCLUDE_DIRS "${dpdk_common_INCLUDE_DIR}")
set(save_PKG_CONFIG_PATH $ENV{PKG_CONFIG_PATH})
if(dpdk_ROOT)
set(ENV{PKG_CONFIG_PATH} "${dpdk_ROOT}/pkgconfig:$ENV{PKG_CONFIG_PATH}")
endif()
set(components
bus_pci
cmdline
eal
ethdev
hash
kvargs
mbuf
mempool
mempool_ring
mempool_stack
pci
pmd_af_packet
pmd_bond
pmd_i40e
pmd_ixgbe
pmd_mlx5
pmd_ring
pmd_vmxnet3_uio
ring)
set(dpdk_LIBRARIES)
foreach(c ${components})
find_library(DPDK_rte_${c}_LIBRARY rte_${c}
HINTS
ENV DPDK_DIR
${dpdk_LIBRARY_DIRS}
PATH_SUFFIXES lib)
if(DPDK_rte_${c}_LIBRARY)
set(dpdk_lib dpdk::${c})
if (NOT TARGET ${dpdk_lib})
add_library(${dpdk_lib} UNKNOWN IMPORTED)
set_target_properties(${dpdk_lib} PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "${dpdk_INCLUDE_DIRS}"
IMPORTED_LOCATION "${DPDK_rte_${c}_LIBRARY}")
if(c STREQUAL pmd_mlx5)
find_package(verbs QUIET)
if(verbs_FOUND)
target_link_libraries(${dpdk_lib} INTERFACE IBVerbs::verbs)
endif()
endif()
endif()
list(APPEND dpdk_LIBRARIES ${dpdk_lib})
endif()
endforeach()
#
# Where the heck did this list come from? libdpdk on Ubuntu 20.04,
# for example, doesn't even *have* -ldpdk; that's why we go with
# pkg-config, in the hopes that it provides a correct set of flags
# for this tangled mess.
#
list(APPEND dpdk_LIBRARIES dpdk rt m numo dl)
pkg_check_modules(dpdk QUIET libdpdk)
if(dpdk_FOUND)
#
# Get link information for DPDK.
#
pkg_get_link_info(dpdk libdpdk)
endif()
set(ENV{PKG_CONFIG_PATH} "${save_PKG_CONFIG_PATH}")
endif()
mark_as_advanced(dpdk_INCLUDE_DIRS ${dpdk_LIBRARIES})
mark_as_advanced(dpdk_INCLUDE_DIRS dpdk_LIBRARIES dpdk_STATIC_LIBRARIES dpdk_REQUIRES_PRIVATE)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(dpdk DEFAULT_MSG
@@ -95,29 +55,64 @@ find_package_handle_standard_args(dpdk DEFAULT_MSG
dpdk_LIBRARIES)
if(dpdk_FOUND)
if(NOT TARGET dpdk::cflags)
if(CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64|AMD64")
set(rte_cflags "-march=core2")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "arm|ARM")
set(rte_cflags "-march=armv7-a")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64|AARCH64")
set(rte_cflags "-march=armv8-a+crc")
#
# This depends on CMake support for "imported targets",
# which are not supported until CMake 3.19.
#
# Ubuntu 20.04 provides CMake 3.16.3, so we are *NOT*
# going to require CMake 3.19. If you want to use
# Shiny New Features(TM), wait until all the OSes on
# which a build might conceivably be done, and that
# provide CMake, provide 3.19 or later.
#
# Just don't do this stuff on earlier versions. If that
# breaks something, figure out a way to do it *without*
# "imported targets", and either do this that way, or,
# at least, do it that way on older versions of CMake.
#
# (One good thing about autotools is that only the builders
# of a package, and people doing configure-script development,
# have to care about the autoconf etc. version; you don't
# even need to have autotools installed in order to be able
# to run an autotools-generated configure script, you just
# need an environment UN*Xy enough, and modern enough, to
# run the stuff in the script.
#
# This is *NOT* the case for CMake; not only do you need
# CMake in order to build a package using CMake, you need
# a version recent enough to run the stuff the package's
# CMake files use.
#
# Please keep this in mind when changing any CMake files,
# and keep in mind what versions of CMake come with, for
# example, commonly-used versions of commonly-used
# Linux distributiions.)
#
if(NOT CMAKE_VERSION VERSION_LESS 3.19)
if(NOT TARGET dpdk::cflags)
if(CMAKE_SYSTEM_PROCESSOR MATCHES "amd64|x86_64|AMD64")
set(rte_cflags "-march=core2")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "arm|ARM")
set(rte_cflags "-march=armv7-a")
elseif(CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64|AARCH64")
set(rte_cflags "-march=armv8-a+crc")
endif()
add_library(dpdk::cflags INTERFACE IMPORTED)
if (rte_cflags)
set_target_properties(dpdk::cflags PROPERTIES
INTERFACE_COMPILE_OPTIONS "${rte_cflags}")
endif()
endif()
add_library(dpdk::cflags INTERFACE IMPORTED)
if (rte_cflags)
set_target_properties(dpdk::cflags PROPERTIES
INTERFACE_COMPILE_OPTIONS "${rte_cflags}")
endif()
endif()
if(NOT TARGET dpdk::dpdk)
add_library(dpdk::dpdk INTERFACE IMPORTED)
find_package(Threads QUIET)
list(APPEND dpdk_LIBRARIES
Threads::Threads
dpdk::cflags)
set_target_properties(dpdk::dpdk PROPERTIES
INTERFACE_LINK_LIBRARIES "${dpdk_LIBRARIES}"
INTERFACE_INCLUDE_DIRECTORIES "${dpdk_INCLUDE_DIRS}")
if(NOT TARGET dpdk::dpdk)
add_library(dpdk::dpdk INTERFACE IMPORTED)
find_package(Threads QUIET)
list(APPEND dpdk_LIBRARIES
Threads::Threads
dpdk::cflags)
set_target_properties(dpdk::dpdk PROPERTIES
INTERFACE_LINK_LIBRARIES "${dpdk_LIBRARIES}"
INTERFACE_INCLUDE_DIRECTORIES "${dpdk_INCLUDE_DIRS}")
endif()
endif()
endif()

9
libpcap/cmakeconfig.h.in
View File

@@ -117,9 +117,6 @@
/* Define to 1 if you have the <net/pfilt.h> header file. */
#cmakedefine HAVE_NET_PFILT_H 1
/* Define to 1 if you have the <net/pfvar.h> header file. */
#cmakedefine HAVE_NET_PFVAR_H 1
/* Define to 1 if you have the <net/raw.h> header file. */
#cmakedefine HAVE_NET_RAW_H 1
@@ -138,9 +135,6 @@
/* Define to 1 if you have a POSIX-style `strerror_r' function. */
#cmakedefine HAVE_POSIX_STRERROR_R 1
/* define if net/pfvar.h defines PF_NAT through PF_NORDR */
#cmakedefine HAVE_PF_NAT_THROUGH_PF_NORDR 1
/* define if you have the Septel API */
#cmakedefine HAVE_SEPTEL_API 1
@@ -274,9 +268,6 @@
/* IPv6 */
#cmakedefine INET6 1
/* path for device for USB sniffing */
#cmakedefine LINUX_USB_MON_DEV "@LINUX_USB_MON_DEV@"
/* Define to 1 if netinet/ether.h declares `ether_hostton' */
#cmakedefine NETINET_ETHER_H_DECLARES_ETHER_HOSTTON 1

1270
libpcap/config.guess vendored
View File

File diff suppressed because it is too large Load Diff

19
libpcap/config.h.in
View File

@@ -72,8 +72,8 @@
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have the `dag' library (-ldag). */
#undef HAVE_LIBDAG
/* Define to 1 if you have the `bsd' library (-lbsd). */
#undef HAVE_LIBBSD
/* if libdlpi exists */
#undef HAVE_LIBDLPI
@@ -132,9 +132,6 @@
/* Define to 1 if you have the <net/pfilt.h> header file. */
#undef HAVE_NET_PFILT_H
/* Define to 1 if you have the <net/pfvar.h> header file. */
#undef HAVE_NET_PFVAR_H
/* Define to 1 if you have the <net/raw.h> header file. */
#undef HAVE_NET_RAW_H
@@ -144,9 +141,6 @@
/* if there's an os_proto.h for this platform, to use additional prototypes */
#undef HAVE_OS_PROTO_H
/* define if net/pfvar.h defines PF_NAT through PF_NORDR */
#undef HAVE_PF_NAT_THROUGH_PF_NORDR
/* Define to 1 if you have a POSIX-style `strerror_r' function. */
#undef HAVE_POSIX_STRERROR_R
@@ -271,9 +265,6 @@
/* IPv6 */
#undef INET6
/* path for device for USB sniffing */
#undef LINUX_USB_MON_DEV
/* Define to 1 if netinet/ether.h declares `ether_hostton' */
#undef NETINET_ETHER_H_DECLARES_ETHER_HOSTTON
@@ -328,6 +319,12 @@
/* target host supports RDMA sniffing */
#undef PCAP_SUPPORT_RDMASNIFF
/* The size of `const void *', as computed by sizeof. */
#undef SIZEOF_CONST_VOID_P
/* The size of `void *', as computed by sizeof. */
#undef SIZEOF_VOID_P
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS

115
libpcap/config.sub vendored
View File

@@ -1,12 +1,14 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright 1992-2021 Free Software Foundation, Inc.
# Copyright 1992-2023 Free Software Foundation, Inc.
timestamp='2021-03-10'
# shellcheck disable=SC2006,SC2268 # see below for rationale
timestamp='2023-01-21'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
@@ -50,7 +52,14 @@ timestamp='2021-03-10'
# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
# It is wrong to echo any other type of specification.
me=$(echo "$0" | sed -e 's,.*/,,')
# The "shellcheck disable" line above the timestamp inhibits complaints
# about features and limitations of the classic Bourne shell that were
# superseded or lifted in POSIX. However, this script identifies a wide
# variety of pre-POSIX systems that do not have POSIX shells at all, and
# even some reasonably current systems (Solaris 10 as case-in-point) still
# have a pre-POSIX /bin/sh.
me=`echo "$0" | sed -e 's,.*/,,'`
usage="\
Usage: $0 [OPTION] CPU-MFR-OPSYS or ALIAS
@@ -67,7 +76,7 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright 1992-2021 Free Software Foundation, Inc.
Copyright 1992-2023 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -112,9 +121,11 @@ esac
# Split fields of configuration type
# shellcheck disable=SC2162
saved_IFS=$IFS
IFS="-" read field1 field2 field3 field4 <<EOF
$1
EOF
IFS=$saved_IFS
# Separate into logical components for further validation
case $1 in
@@ -134,7 +145,7 @@ case $1 in
nto-qnx* | linux-* | uclinux-uclibc* \
| uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* \
| netbsd*-eabi* | kopensolaris*-gnu* | cloudabi*-eabi* \
| storm-chaos* | os2-emx* | rtmk-nova*)
| storm-chaos* | os2-emx* | rtmk-nova* | managarm-*)
basic_machine=$field1
basic_os=$maybe_os
;;
@@ -163,6 +174,10 @@ case $1 in
basic_machine=$field1
basic_os=$field2
;;
zephyr*)
basic_machine=$field1-unknown
basic_os=$field2
;;
# Manufacturers
dec* | mips* | sequent* | encore* | pc533* | sgi* | sony* \
| att* | 7300* | 3300* | delta* | motorola* | sun[234]* \
@@ -769,22 +784,22 @@ case $basic_machine in
vendor=hp
;;
i*86v32)
cpu=$(echo "$1" | sed -e 's/86.*/86/')
cpu=`echo "$1" | sed -e 's/86.*/86/'`
vendor=pc
basic_os=sysv32
;;
i*86v4*)
cpu=$(echo "$1" | sed -e 's/86.*/86/')
cpu=`echo "$1" | sed -e 's/86.*/86/'`
vendor=pc
basic_os=sysv4
;;
i*86v)
cpu=$(echo "$1" | sed -e 's/86.*/86/')
cpu=`echo "$1" | sed -e 's/86.*/86/'`
vendor=pc
basic_os=sysv
;;
i*86sol2)
cpu=$(echo "$1" | sed -e 's/86.*/86/')
cpu=`echo "$1" | sed -e 's/86.*/86/'`
vendor=pc
basic_os=solaris2
;;
@@ -917,14 +932,16 @@ case $basic_machine in
;;
leon-*|leon[3-9]-*)
cpu=sparc
vendor=$(echo "$basic_machine" | sed 's/-.*//')
vendor=`echo "$basic_machine" | sed 's/-.*//'`
;;
*-*)
# shellcheck disable=SC2162
saved_IFS=$IFS
IFS="-" read cpu vendor <<EOF
$basic_machine
EOF
IFS=$saved_IFS
;;
# We use `pc' rather than `unknown'
# because (1) that's what they normally are, and
@@ -1003,6 +1020,11 @@ case $cpu-$vendor in
;;
# Here we normalize CPU types with a missing or matching vendor
armh-unknown | armh-alt)
cpu=armv7l
vendor=alt
basic_os=${basic_os:-linux-gnueabihf}
;;
dpx20-unknown | dpx20-bull)
cpu=rs6000
vendor=bull
@@ -1053,7 +1075,7 @@ case $cpu-$vendor in
pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
cpu=i586
;;
pentiumpro-* | p6-* | 6x86-* | athlon-* | athalon_*-*)
pentiumpro-* | p6-* | 6x86-* | athlon-* | athlon_*-*)
cpu=i686
;;
pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
@@ -1084,7 +1106,7 @@ case $cpu-$vendor in
cpu=mipsisa64sb1el
;;
sh5e[lb]-*)
cpu=$(echo "$cpu" | sed 's/^\(sh.\)e\(.\)$/\1\2e/')
cpu=`echo "$cpu" | sed 's/^\(sh.\)e\(.\)$/\1\2e/'`
;;
spur-*)
cpu=spur
@@ -1102,9 +1124,9 @@ case $cpu-$vendor in
cpu=x86_64
;;
xscale-* | xscalee[bl]-*)
cpu=$(echo "$cpu" | sed 's/^xscale/arm/')
cpu=`echo "$cpu" | sed 's/^xscale/arm/'`
;;
arm64-*)
arm64-* | aarch64le-*)
cpu=aarch64
;;
@@ -1165,7 +1187,7 @@ case $cpu-$vendor in
| alphapca5[67] | alpha64pca5[67] \
| am33_2.0 \
| amdgcn \
| arc | arceb \
| arc | arceb | arc32 | arc64 \
| arm | arm[lb]e | arme[lb] | armv* \
| avr | avr32 \
| asmjs \
@@ -1185,7 +1207,7 @@ case $cpu-$vendor in
| k1om \
| le32 | le64 \
| lm32 \
| loongarch32 | loongarch64 | loongarchx32 \
| loongarch32 | loongarch64 \
| m32c | m32r | m32rle \
| m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \
| m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \
@@ -1204,9 +1226,13 @@ case $cpu-$vendor in
| mips64vr5900 | mips64vr5900el \
| mipsisa32 | mipsisa32el \
| mipsisa32r2 | mipsisa32r2el \
| mipsisa32r3 | mipsisa32r3el \
| mipsisa32r5 | mipsisa32r5el \
| mipsisa32r6 | mipsisa32r6el \
| mipsisa64 | mipsisa64el \
| mipsisa64r2 | mipsisa64r2el \
| mipsisa64r3 | mipsisa64r3el \
| mipsisa64r5 | mipsisa64r5el \
| mipsisa64r6 | mipsisa64r6el \
| mipsisa64sb1 | mipsisa64sb1el \
| mipsisa64sr71k | mipsisa64sr71kel \
@@ -1283,35 +1309,41 @@ esac
if test x$basic_os != x
then
# First recognize some ad-hoc caes, or perhaps split kernel-os, or else just
# First recognize some ad-hoc cases, or perhaps split kernel-os, or else just
# set os.
case $basic_os in
gnu/linux*)
kernel=linux
os=$(echo $basic_os | sed -e 's|gnu/linux|gnu|')
os=`echo "$basic_os" | sed -e 's|gnu/linux|gnu|'`
;;
os2-emx)
kernel=os2
os=$(echo $basic_os | sed -e 's|os2-emx|emx|')
os=`echo "$basic_os" | sed -e 's|os2-emx|emx|'`
;;
nto-qnx*)
kernel=nto
os=$(echo $basic_os | sed -e 's|nto-qnx|qnx|')
os=`echo "$basic_os" | sed -e 's|nto-qnx|qnx|'`
;;
*-*)
# shellcheck disable=SC2162
saved_IFS=$IFS
IFS="-" read kernel os <<EOF
$basic_os
EOF
IFS=$saved_IFS
;;
# Default OS when just kernel was specified
nto*)
kernel=nto
os=$(echo $basic_os | sed -e 's|nto|qnx|')
os=`echo "$basic_os" | sed -e 's|nto|qnx|'`
;;
linux*)
kernel=linux
os=$(echo $basic_os | sed -e 's|linux|gnu|')
os=`echo "$basic_os" | sed -e 's|linux|gnu|'`
;;
managarm*)
kernel=managarm
os=`echo "$basic_os" | sed -e 's|managarm|mlibc|'`
;;
*)
kernel=
@@ -1332,7 +1364,7 @@ case $os in
os=cnk
;;
solaris1 | solaris1.*)
os=$(echo $os | sed -e 's|solaris1|sunos4|')
os=`echo "$os" | sed -e 's|solaris1|sunos4|'`
;;
solaris)
os=solaris2
@@ -1361,7 +1393,7 @@ case $os in
os=sco3.2v4
;;
sco3.2.[4-9]*)
os=$(echo $os | sed -e 's/sco3.2./sco3.2v/')
os=`echo "$os" | sed -e 's/sco3.2./sco3.2v/'`
;;
sco*v* | scout)
# Don't match below
@@ -1391,7 +1423,7 @@ case $os in
os=lynxos
;;
mac[0-9]*)
os=$(echo "$os" | sed -e 's|mac|macos|')
os=`echo "$os" | sed -e 's|mac|macos|'`
;;
opened*)
os=openedition
@@ -1400,10 +1432,10 @@ case $os in
os=os400
;;
sunos5*)
os=$(echo "$os" | sed -e 's|sunos5|solaris2|')
os=`echo "$os" | sed -e 's|sunos5|solaris2|'`
;;
sunos6*)
os=$(echo "$os" | sed -e 's|sunos6|solaris3|')
os=`echo "$os" | sed -e 's|sunos6|solaris3|'`
;;
wince*)
os=wince
@@ -1437,7 +1469,7 @@ case $os in
;;
# Preserve the version number of sinix5.
sinix5.*)
os=$(echo $os | sed -e 's|sinix|sysv|')
os=`echo "$os" | sed -e 's|sinix|sysv|'`
;;
sinix*)
os=sysv4
@@ -1684,7 +1716,7 @@ fi
# Now, validate our (potentially fixed-up) OS.
case $os in
# Sometimes we do "kernel-libc", so those need to count as OSes.
musl* | newlib* | uclibc*)
musl* | newlib* | relibc* | uclibc*)
;;
# Likewise for "kernel-abi"
eabi* | gnueabi*)
@@ -1707,7 +1739,7 @@ case $os in
| nindy* | vxsim* | vxworks* | ebmon* | hms* | mvs* \
| clix* | riscos* | uniplus* | iris* | isc* | rtu* | xenix* \
| mirbsd* | netbsd* | dicos* | openedition* | ose* \
| bitrig* | openbsd* | solidbsd* | libertybsd* | os108* \
| bitrig* | openbsd* | secbsd* | solidbsd* | libertybsd* | os108* \
| ekkobsd* | freebsd* | riscix* | lynxos* | os400* \
| bosx* | nextstep* | cxux* | aout* | elf* | oabi* \
| ptx* | coff* | ecoff* | winnt* | domain* | vsta* \
@@ -1725,7 +1757,8 @@ case $os in
| skyos* | haiku* | rdos* | toppers* | drops* | es* \
| onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \
| midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \
| nsk* | powerunix* | genode* | zvmoe* | qnx* | emx*)
| nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \
| fiwix* | mlibc* )
;;
# This one is extra strict with allowed versions
sco3.2v2 | sco3.2v[4-9]* | sco5v6*)
@@ -1733,6 +1766,9 @@ case $os in
;;
none)
;;
kernel* )
# Restricted further below
;;
*)
echo Invalid configuration \`"$1"\': OS \`"$os"\' not recognized 1>&2
exit 1
@@ -1742,16 +1778,27 @@ esac
# As a final step for OS-related things, validate the OS-kernel combination
# (given a valid OS), if there is a kernel.
case $kernel-$os in
linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* | linux-musl* | linux-uclibc* )
linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* \
| linux-musl* | linux-relibc* | linux-uclibc* | linux-mlibc* )
;;
uclinux-uclibc* )
;;
-dietlibc* | -newlib* | -musl* | -uclibc* )
managarm-mlibc* | managarm-kernel* )
;;
-dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* | -mlibc* )
# These are just libc implementations, not actual OSes, and thus
# require a kernel.
echo "Invalid configuration \`$1': libc \`$os' needs explicit kernel." 1>&2
exit 1
;;
-kernel* )
echo "Invalid configuration \`$1': \`$os' needs explicit kernel." 1>&2
exit 1
;;
*-kernel* )
echo "Invalid configuration \`$1': \`$kernel' does not support \`$os'." 1>&2
exit 1
;;
kfreebsd*-gnu* | kopensolaris*-gnu*)
;;
vxworks-simlinux | vxworks-simwindows | vxworks-spe)

10455
libpcap/configure vendored
View File

File diff suppressed because it is too large Load Diff

1211
libpcap/configure.ac
View File

File diff suppressed because it is too large Load Diff

163
libpcap/diag-control.h
View File

@@ -37,12 +37,12 @@
#include "pcap/compiler-tests.h"
#ifndef _MSC_VER
#if PCAP_IS_AT_LEAST_CLANG_VERSION(2,8) || PCAP_IS_AT_LEAST_GNUC_VERSION(4,6)
/*
* Clang and GCC both support this way of putting pragmas into #defines.
* We don't use it unless we have a compiler that supports it; the
* warning-suppressing pragmas differ between Clang and GCC, so we test
* for both of those separately.
* We use it only if we have a compiler that supports it; see below
* for the code that uses it and the #defines that control whether
* that code is used.
*/
#define PCAP_DO_PRAGMA(x) _Pragma (#x)
#endif
@@ -86,7 +86,51 @@
/*
* Suppress Flex, narrowing, and deprecation warnings.
*/
#if defined(_MSC_VER)
#if PCAP_IS_AT_LEAST_CLANG_VERSION(2,8)
/*
* This is Clang 2.8 or later; we can use "clang diagnostic
* ignored -Wxxx" and "clang diagnostic push/pop".
*
* Suppress -Wdocumentation warnings; GCC doesn't support -Wdocumentation,
* at least according to the GCC 7.3 documentation. Apparently, Flex
* generates code that upsets at least some versions of Clang's
* -Wdocumentation.
*
* (This could be clang-cl, which defines _MSC_VER, so test this
* before testing _MSC_VER.)
*/
#define DIAG_OFF_FLEX \
PCAP_DO_PRAGMA(clang diagnostic push) \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wsign-compare") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdocumentation") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wshorten-64-to-32") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wmissing-noreturn") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunused-parameter") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunreachable-code")
#define DIAG_ON_FLEX \
PCAP_DO_PRAGMA(clang diagnostic pop)
/*
* Suppress the only narrowing warnings you get from Clang.
*/
#define DIAG_OFF_NARROWING \
PCAP_DO_PRAGMA(clang diagnostic push) \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wshorten-64-to-32")
#define DIAG_ON_NARROWING \
PCAP_DO_PRAGMA(clang diagnostic pop)
/*
* Suppress deprecation warnings.
*/
#define DIAG_OFF_DEPRECATION \
PCAP_DO_PRAGMA(clang diagnostic push) \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdeprecated-declarations")
#define DIAG_ON_DEPRECATION \
PCAP_DO_PRAGMA(clang diagnostic pop)
#define DIAG_OFF_FORMAT_TRUNCATION
#define DIAG_ON_FORMAT_TRUNCATION
#elif defined(_MSC_VER)
/*
* This is Microsoft Visual Studio; we can use __pragma(warning(disable:XXXX))
* and __pragma(warning(push/pop)).
@@ -121,45 +165,8 @@
__pragma(warning(disable:4996))
#define DIAG_ON_DEPRECATION \
__pragma(warning(pop))
#elif PCAP_IS_AT_LEAST_CLANG_VERSION(2,8)
/*
* This is Clang 2.8 or later; we can use "clang diagnostic
* ignored -Wxxx" and "clang diagnostic push/pop".
*
* Suppress -Wdocumentation warnings; GCC doesn't support -Wdocumentation,
* at least according to the GCC 7.3 documentation. Apparently, Flex
* generates code that upsets at least some versions of Clang's
* -Wdocumentation.
*/
#define DIAG_OFF_FLEX \
PCAP_DO_PRAGMA(clang diagnostic push) \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wsign-compare") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdocumentation") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wshorten-64-to-32") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wmissing-noreturn") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunused-parameter") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunreachable-code")
#define DIAG_ON_FLEX \
PCAP_DO_PRAGMA(clang diagnostic pop)
/*
* Suppress the only narrowing warnings you get from Clang.
*/
#define DIAG_OFF_NARROWING \
PCAP_DO_PRAGMA(clang diagnostic push) \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wshorten-64-to-32")
#define DIAG_ON_NARROWING \
PCAP_DO_PRAGMA(clang diagnostic pop)
/*
* Suppress deprecation warnings.
*/
#define DIAG_OFF_DEPRECATION \
PCAP_DO_PRAGMA(clang diagnostic push) \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wdeprecated-declarations")
#define DIAG_ON_DEPRECATION \
PCAP_DO_PRAGMA(clang diagnostic pop)
#define DIAG_OFF_FORMAT_TRUNCATION
#define DIAG_ON_FORMAT_TRUNCATION
#elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6)
/*
* This is GCC 4.6 or later, or a compiler claiming to be that.
@@ -188,6 +195,22 @@
PCAP_DO_PRAGMA(GCC diagnostic ignored "-Wdeprecated-declarations")
#define DIAG_ON_DEPRECATION \
PCAP_DO_PRAGMA(GCC diagnostic pop)
/*
* Suppress format-truncation= warnings.
* GCC 7.1 had introduced this warning option. Earlier versions (at least
* one particular copy of GCC 4.6.4) treat the request as a warning.
*/
#if PCAP_IS_AT_LEAST_GNUC_VERSION(7,1)
#define DIAG_OFF_FORMAT_TRUNCATION \
PCAP_DO_PRAGMA(GCC diagnostic push) \
PCAP_DO_PRAGMA(GCC diagnostic ignored "-Wformat-truncation=")
#define DIAG_ON_FORMAT_TRUNCATION \
PCAP_DO_PRAGMA(GCC diagnostic pop)
#else
#define DIAG_OFF_FORMAT_TRUNCATION
#define DIAG_ON_FORMAT_TRUNCATION
#endif
#else
/*
* Neither Visual Studio, nor Clang 2.8 or later, nor GCC 4.6 or later
@@ -200,6 +223,8 @@
#define DIAG_ON_NARROWING
#define DIAG_OFF_DEPRECATION
#define DIAG_ON_DEPRECATION
#define DIAG_OFF_FORMAT_TRUNCATION
#define DIAG_ON_FORMAT_TRUNCATION
#endif
#ifdef YYBYACC
@@ -219,21 +244,21 @@
* In addition, the generated code may have functions with unreachable
* code, so suppress warnings about those.
*/
#if defined(_MSC_VER)
#if PCAP_IS_AT_LEAST_CLANG_VERSION(2,8)
/*
* This is Clang 2.8 or later (including clang-cl, so test this
* before _MSC_VER); we can use "clang diagnostic ignored -Wxxx".
*/
#define DIAG_OFF_BISON_BYACC \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wshadow") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunreachable-code")
#elif defined(_MSC_VER)
/*
* This is Microsoft Visual Studio; we can use
* __pragma(warning(disable:XXXX)).
*/
#define DIAG_OFF_BISON_BYACC \
__pragma(warning(disable:4702))
#elif PCAP_IS_AT_LEAST_CLANG_VERSION(2,8)
/*
* This is Clang 2.8 or later; we can use "clang diagnostic
* ignored -Wxxx".
*/
#define DIAG_OFF_BISON_BYACC \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wshadow") \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunreachable-code")
#elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6)
/*
* This is GCC 4.6 or later, or a compiler claiming to be that.
@@ -257,7 +282,14 @@
* The generated code may have functions with unreachable code and
* switches with only a default case, so suppress warnings about those.
*/
#if defined(_MSC_VER)
#if PCAP_IS_AT_LEAST_CLANG_VERSION(2,8)
/*
* This is Clang 2.8 or later (including clang-cl, so test this
* before _MSC_VER); we can use "clang diagnostic ignored -Wxxx".
*/
#define DIAG_OFF_BISON_BYACC \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunreachable-code")
#elif defined(_MSC_VER)
/*
* This is Microsoft Visual Studio; we can use
* __pragma(warning(disable:XXXX)).
@@ -270,13 +302,6 @@
__pragma(warning(disable:4242)) \
__pragma(warning(disable:4244)) \
__pragma(warning(disable:4702))
#elif PCAP_IS_AT_LEAST_CLANG_VERSION(2,8)
/*
* This is Clang 2.8 or later; we can use "clang diagnostic
* ignored -Wxxx".
*/
#define DIAG_OFF_BISON_BYACC \
PCAP_DO_PRAGMA(clang diagnostic ignored "-Wunreachable-code")
#elif PCAP_IS_AT_LEAST_GNUC_VERSION(4,6)
/*
* This is GCC 4.6 or later, or a compiler claiming to be that.
@@ -294,4 +319,20 @@
#endif
#endif
/*
* GCC needs this on AIX for longjmp().
*/
#if PCAP_IS_AT_LEAST_GNUC_VERSION(5,1)
/*
* Beware that the effect of this builtin is more than just squelching the
* warning! GCC trusts it enough for the process to segfault if the control
* flow reaches the builtin (an infinite empty loop in the same context would
* squelch the warning and ruin the process too, albeit in a different way).
* So please remember to use this very carefully.
*/
#define PCAP_UNREACHABLE __builtin_unreachable();
#else
#define PCAP_UNREACHABLE
#endif
#endif /* _diag_control_h */

7
libpcap/dlpisubs.c
View File

@@ -146,7 +146,12 @@ pcap_process_pkts(pcap_t *p, pcap_handler callback, u_char *user,
#endif
#endif
/* Loop through packets */
/*
* Loop through packets.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
ep = bufp + len;
n = 0;

2
libpcap/extract.h
View File

@@ -127,7 +127,7 @@ EXTRACT_BE_S_8(const void *p)
* cast the pointer to point to one of those, and fetch through it;
* the GCC manual doesn't appear to explicitly say that
* __attribute__((packed)) causes the compiler to generate unaligned-safe
* code, but it apppears to do so.
* code, but it appears to do so.
*
* We do this in case the compiler can generate code using those
* instructions to do an unaligned load and pass stuff to "ntohs()" or

26
libpcap/fmtutils.c
View File

@@ -270,13 +270,21 @@ pcap_fmt_errmsg_for_errno(char *errbuf, size_t errbuflen, int errnum,
const char *fmt, ...)
{
va_list ap;
va_start(ap, fmt);
pcap_vfmt_errmsg_for_errno(errbuf, errbuflen, errnum, fmt, ap);
va_end(ap);
}
void
pcap_vfmt_errmsg_for_errno(char *errbuf, size_t errbuflen, int errnum,
const char *fmt, va_list ap)
{
size_t msglen;
char *p;
size_t errbuflen_remaining;
va_start(ap, fmt);
vsnprintf(errbuf, errbuflen, fmt, ap);
va_end(ap);
(void)vsnprintf(errbuf, errbuflen, fmt, ap);
msglen = strlen(errbuf);
/*
@@ -378,6 +386,16 @@ pcap_fmt_errmsg_for_win32_err(char *errbuf, size_t errbuflen, DWORD errnum,
const char *fmt, ...)
{
va_list ap;
va_start(ap, fmt);
pcap_vfmt_errmsg_for_win32_err(errbuf, errbuflen, errnum, fmt, ap);
va_end(ap);
}
void
pcap_vfmt_errmsg_for_win32_err(char *errbuf, size_t errbuflen, DWORD errnum,
const char *fmt, va_list ap)
{
size_t msglen;
char *p;
size_t errbuflen_remaining;
@@ -385,9 +403,7 @@ pcap_fmt_errmsg_for_win32_err(char *errbuf, size_t errbuflen, DWORD errnum,
wchar_t utf_16_errbuf[PCAP_ERRBUF_SIZE];
size_t utf_8_len;
va_start(ap, fmt);
vsnprintf(errbuf, errbuflen, fmt, ap);
va_end(ap);
msglen = strlen(errbuf);
/*

6
libpcap/fmtutils.h
View File

@@ -34,6 +34,8 @@
#ifndef fmtutils_h
#define fmtutils_h
#include <stdarg.h> /* we declare varargs functions */
#include "pcap/funcattrs.h"
#ifdef __cplusplus
@@ -44,10 +46,14 @@ void pcap_fmt_set_encoding(unsigned int);
void pcap_fmt_errmsg_for_errno(char *, size_t, int,
PCAP_FORMAT_STRING(const char *), ...) PCAP_PRINTFLIKE(4, 5);
void pcap_vfmt_errmsg_for_errno(char *, size_t, int,
PCAP_FORMAT_STRING(const char *), va_list) PCAP_PRINTFLIKE(4, 0);
#ifdef _WIN32
void pcap_fmt_errmsg_for_win32_err(char *, size_t, DWORD,
PCAP_FORMAT_STRING(const char *), ...) PCAP_PRINTFLIKE(4, 5);
void pcap_vfmt_errmsg_for_win32_err(char *, size_t, DWORD,
PCAP_FORMAT_STRING(const char *), va_list) PCAP_PRINTFLIKE(4, 0);
#endif
#ifdef __cplusplus

7
libpcap/ftmacros.h
View File

@@ -45,7 +45,12 @@
* namespace to the maximum extent possible"?
*/
#if defined(sun) || defined(__sun)
#define __EXTENSIONS__
/*
* On Solaris Clang defines __EXTENSIONS__ automatically.
*/
#ifndef __EXTENSIONS__
#define __EXTENSIONS__
#endif
/*
* We also need to define _XPG4_2 in order to get

273
libpcap/gencode.c
View File

@@ -1,4 +1,3 @@
/*#define CHASE_CHAIN*/
/*
* Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998
* The Regents of the University of California. All rights reserved.
@@ -24,7 +23,6 @@
#include <config.h>
#endif
#include <pcap-types.h>
#ifdef _WIN32
#include <ws2tcpip.h>
#else
@@ -43,25 +41,12 @@
#include <memory.h>
#include <setjmp.h>
#include <stdarg.h>
#include <stdio.h>
#ifdef MSDOS
#include "pcap-dos.h"
#endif
#ifdef HAVE_NET_PFVAR_H
/*
* In NetBSD <net/if.h> includes <net/dlt.h>, which is an older version of
* "pcap/dlt.h" with a lower value of DLT_MATCHING_MAX. Include the headers
* below before "pcap-int.h", which eventually includes "pcap/dlt.h", which
* redefines DLT_MATCHING_MAX from what this version of NetBSD has to what
* this version of libpcap has.
*/
#include <sys/socket.h>
#include <net/if.h>
#include <net/pfvar.h>
#include <net/if_pflog.h>
#endif /* HAVE_NET_PFVAR_H */
#include "pcap-int.h"
#include "extract.h"
@@ -73,12 +58,13 @@
#include "ieee80211.h"
#include "atmuni31.h"
#include "sunatmpos.h"
#include "pflog.h"
#include "ppp.h"
#include "pcap/sll.h"
#include "pcap/ipnet.h"
#include "arcnet.h"
#include "diag-control.h"
#include "grammar.h"
#include "scanner.h"
#if defined(linux)
@@ -475,6 +461,9 @@ bpf_error(compiler_state_t *cstate, const char *fmt, ...)
va_end(ap);
longjmp(cstate->top_ctx, 1);
/*NOTREACHED*/
#ifdef _AIX
PCAP_UNREACHABLE
#endif /* _AIX */
}
static int init_linktype(compiler_state_t *, pcap_t *);
@@ -521,6 +510,7 @@ static inline struct block *gen_false(compiler_state_t *);
static struct block *gen_ether_linktype(compiler_state_t *, bpf_u_int32);
static struct block *gen_ipnet_linktype(compiler_state_t *, bpf_u_int32);
static struct block *gen_linux_sll_linktype(compiler_state_t *, bpf_u_int32);
static struct slist *gen_load_pflog_llprefixlen(compiler_state_t *);
static struct slist *gen_load_prism_llprefixlen(compiler_state_t *);
static struct slist *gen_load_avs_llprefixlen(compiler_state_t *);
static struct slist *gen_load_radiotap_llprefixlen(compiler_state_t *);
@@ -574,7 +564,9 @@ static struct block *gen_portrangeop6(compiler_state_t *, u_int, u_int,
bpf_u_int32, int);
static struct block *gen_portrange6(compiler_state_t *, u_int, u_int, int, int);
static int lookup_proto(compiler_state_t *, const char *, int);
#if !defined(NO_PROTOCHAIN)
static struct block *gen_protochain(compiler_state_t *, bpf_u_int32, int);
#endif /* !defined(NO_PROTOCHAIN) */
static struct block *gen_proto(compiler_state_t *, bpf_u_int32, int, int);
static struct slist *xfer_to_x(compiler_state_t *, struct arth *);
static struct slist *xfer_to_a(compiler_state_t *, struct arth *);
@@ -741,7 +733,7 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
if (!p->activated) {
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"not-yet-activated pcap_t passed to pcap_compile");
return (-1);
return (PCAP_ERROR);
}
#ifdef _WIN32
@@ -789,7 +781,7 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
if (cstate.snaplen == 0) {
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"snaplen of 0 rejects all packets");
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
@@ -805,7 +797,7 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
pcap_set_extra(&cstate, scanner);
if (init_linktype(&cstate, p) == -1) {
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
if (pcap_parse(scanner, &cstate) != 0) {
@@ -815,7 +807,7 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
#endif
if (cstate.e != NULL)
free(cstate.e);
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
@@ -824,7 +816,7 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
* Catch errors reported by gen_retblk().
*/
if (setjmp(cstate.top_ctx)) {
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
cstate.ic.root = gen_retblk(&cstate, cstate.snaplen);
@@ -833,14 +825,14 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
if (optimize && !cstate.no_optimize) {
if (bpf_optimize(&cstate.ic, p->errbuf) == -1) {
/* Failure */
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
if (cstate.ic.root == NULL ||
(cstate.ic.root->s.code == (BPF_RET|BPF_K) && cstate.ic.root->s.k == 0)) {
(void)snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"expression rejects all packets");
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
}
@@ -848,7 +840,7 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
cstate.ic.root, &len, p->errbuf);
if (program->bf_insns == NULL) {
/* Failure */
rc = -1;
rc = PCAP_ERROR;
goto quit;
}
program->bf_len = len;
@@ -886,7 +878,7 @@ pcap_compile_nopcap(int snaplen_arg, int linktype_arg,
p = pcap_open_dead(linktype_arg, snaplen_arg);
if (p == NULL)
return (-1);
return (PCAP_ERROR);
ret = pcap_compile(p, program, buf, optimize, mask);
pcap_close(p);
return (ret);
@@ -1265,6 +1257,7 @@ init_linktype(compiler_state_t *cstate, pcap_t *p)
case DLT_PPP:
case DLT_PPP_PPPD:
case DLT_C_HDLC: /* BSD/OS Cisco HDLC */
case DLT_HDLC: /* NetBSD (Cisco) HDLC */
case DLT_PPP_SERIAL: /* NetBSD sync/async serial PPP */
cstate->off_linktype.constant_part = 2; /* skip HDLC-like framing */
cstate->off_linkpl.constant_part = 4; /* skip HDLC-like framing and protocol field */
@@ -1513,14 +1506,13 @@ init_linktype(compiler_state_t *cstate, pcap_t *p)
cstate->off_nl_nosnap = 0; /* XXX - what does it do with 802.3 packets? */
break;
#ifdef HAVE_NET_PFVAR_H
case DLT_PFLOG:
cstate->off_linktype.constant_part = 0;
cstate->off_linkpl.constant_part = PFLOG_HDRLEN;
cstate->off_linkpl.constant_part = 0; /* link-layer header is variable-length */
cstate->off_linkpl.is_variable = 1;
cstate->off_nl = 0;
cstate->off_nl_nosnap = 0; /* no 802.2 LLC */
break;
#endif
case DLT_JUNIPER_MFR:
case DLT_JUNIPER_MLFR:
@@ -1722,7 +1714,8 @@ init_linktype(compiler_state_t *cstate, pcap_t *p)
cstate->off_nl = OFFSET_NOT_SET;
cstate->off_nl_nosnap = OFFSET_NOT_SET;
} else {
bpf_set_error(cstate, "unknown data link type %d", cstate->linktype);
bpf_set_error(cstate, "unknown data link type %d (min %d, max %d)",
cstate->linktype, DLT_MATCHING_MIN, DLT_MATCHING_MAX);
return (-1);
}
break;
@@ -2344,6 +2337,59 @@ gen_linux_sll_linktype(compiler_state_t *cstate, bpf_u_int32 ll_proto)
}
}
/*
* Load a value relative to the beginning of the link-layer header after the
* pflog header.
*/
static struct slist *
gen_load_pflog_llprefixlen(compiler_state_t *cstate)
{
struct slist *s1, *s2;
/*
* Generate code to load the length of the pflog header into
* the register assigned to hold that length, if one has been
* assigned. (If one hasn't been assigned, no code we've
* generated uses that prefix, so we don't need to generate any
* code to load it.)
*/
if (cstate->off_linkpl.reg != -1) {
/*
* The length is in the first byte of the header.
*/
s1 = new_stmt(cstate, BPF_LD|BPF_B|BPF_ABS);
s1->s.k = 0;
/*
* Round it up to a multiple of 4.
* Add 3, and clear the lower 2 bits.
*/
s2 = new_stmt(cstate, BPF_ALU|BPF_ADD|BPF_K);
s2->s.k = 3;
sappend(s1, s2);
s2 = new_stmt(cstate, BPF_ALU|BPF_AND|BPF_K);
s2->s.k = 0xfffffffc;
sappend(s1, s2);
/*
* Now allocate a register to hold that value and store
* it.
*/
s2 = new_stmt(cstate, BPF_ST);
s2->s.k = cstate->off_linkpl.reg;
sappend(s1, s2);
/*
* Now move it into the X register.
*/
s2 = new_stmt(cstate, BPF_MISC|BPF_TAX);
sappend(s1, s2);
return (s1);
} else
return (NULL);
}
static struct slist *
gen_load_prism_llprefixlen(compiler_state_t *cstate)
{
@@ -2931,6 +2977,10 @@ insert_compute_vloffsets(compiler_state_t *cstate, struct block *b)
case DLT_PPI:
s = gen_load_802_11_header_len(cstate, s, b->stmts);
break;
case DLT_PFLOG:
s = gen_load_pflog_llprefixlen(cstate);
break;
}
/*
@@ -3166,6 +3216,7 @@ gen_linktype(compiler_state_t *cstate, bpf_u_int32 ll_proto)
/*NOTREACHED*/
case DLT_C_HDLC:
case DLT_HDLC:
switch (ll_proto) {
case LLCSAP_ISONS:
@@ -3395,7 +3446,6 @@ gen_linktype(compiler_state_t *cstate, bpf_u_int32 ll_proto)
return gen_false(cstate);
}
#ifdef HAVE_NET_PFVAR_H
case DLT_PFLOG:
/*
* af field is host byte order in contrast to the rest of
@@ -3410,7 +3460,6 @@ gen_linktype(compiler_state_t *cstate, bpf_u_int32 ll_proto)
else
return gen_false(cstate);
/*NOTREACHED*/
#endif /* HAVE_NET_PFVAR_H */
case DLT_ARCNET:
case DLT_ARCNET_LINUX:
@@ -5310,21 +5359,15 @@ gen_proto_abbrev_internal(compiler_state_t *cstate, int proto)
switch (proto) {
case Q_SCTP:
b1 = gen_proto(cstate, IPPROTO_SCTP, Q_IP, Q_DEFAULT);
b0 = gen_proto(cstate, IPPROTO_SCTP, Q_IPV6, Q_DEFAULT);
gen_or(b0, b1);
b1 = gen_proto(cstate, IPPROTO_SCTP, Q_DEFAULT, Q_DEFAULT);
break;
case Q_TCP:
b1 = gen_proto(cstate, IPPROTO_TCP, Q_IP, Q_DEFAULT);
b0 = gen_proto(cstate, IPPROTO_TCP, Q_IPV6, Q_DEFAULT);
gen_or(b0, b1);
b1 = gen_proto(cstate, IPPROTO_TCP, Q_DEFAULT, Q_DEFAULT);
break;
case Q_UDP:
b1 = gen_proto(cstate, IPPROTO_UDP, Q_IP, Q_DEFAULT);
b0 = gen_proto(cstate, IPPROTO_UDP, Q_IPV6, Q_DEFAULT);
gen_or(b0, b1);
b1 = gen_proto(cstate, IPPROTO_UDP, Q_DEFAULT, Q_DEFAULT);
break;
case Q_ICMP:
@@ -5351,9 +5394,7 @@ gen_proto_abbrev_internal(compiler_state_t *cstate, int proto)
#endif
case Q_PIM:
b1 = gen_proto(cstate, IPPROTO_PIM, Q_IP, Q_DEFAULT);
b0 = gen_proto(cstate, IPPROTO_PIM, Q_IPV6, Q_DEFAULT);
gen_or(b0, b1);
b1 = gen_proto(cstate, IPPROTO_PIM, Q_DEFAULT, Q_DEFAULT);
break;
#ifndef IPPROTO_VRRP
@@ -5430,18 +5471,14 @@ gen_proto_abbrev_internal(compiler_state_t *cstate, int proto)
#define IPPROTO_AH 51
#endif
case Q_AH:
b1 = gen_proto(cstate, IPPROTO_AH, Q_IP, Q_DEFAULT);
b0 = gen_proto(cstate, IPPROTO_AH, Q_IPV6, Q_DEFAULT);
gen_or(b0, b1);
b1 = gen_proto(cstate, IPPROTO_AH, Q_DEFAULT, Q_DEFAULT);
break;
#ifndef IPPROTO_ESP
#define IPPROTO_ESP 50
#endif
case Q_ESP:
b1 = gen_proto(cstate, IPPROTO_ESP, Q_IP, Q_DEFAULT);
b0 = gen_proto(cstate, IPPROTO_ESP, Q_IPV6, Q_DEFAULT);
gen_or(b0, b1);
b1 = gen_proto(cstate, IPPROTO_ESP, Q_DEFAULT, Q_DEFAULT);
break;
case Q_ISO:
@@ -6035,20 +6072,10 @@ lookup_proto(compiler_state_t *cstate, const char *name, int proto)
return v;
}
#if 0
struct stmt *
gen_joinsp(struct stmt **s, int n)
{
return NULL;
}
#endif
#if !defined(NO_PROTOCHAIN)
static struct block *
gen_protochain(compiler_state_t *cstate, bpf_u_int32 v, int proto)
{
#ifdef NO_PROTOCHAIN
return gen_proto(cstate, v, proto);
#else
struct block *b0, *b;
struct slist *s[100];
int fix2, fix3, fix4, fix5;
@@ -6342,8 +6369,8 @@ gen_protochain(compiler_state_t *cstate, bpf_u_int32 v, int proto)
gen_and(b0, b);
return b;
#endif
}
#endif /* !defined(NO_PROTOCHAIN) */
static struct block *
gen_check_802_11_data_frame(compiler_state_t *cstate)
@@ -6384,9 +6411,7 @@ static struct block *
gen_proto(compiler_state_t *cstate, bpf_u_int32 v, int proto, int dir)
{
struct block *b0, *b1;
#ifndef CHASE_CHAIN
struct block *b2;
#endif
if (dir != Q_DEFAULT)
bpf_error(cstate, "direction applied to 'proto'");
@@ -6418,11 +6443,7 @@ gen_proto(compiler_state_t *cstate, bpf_u_int32 v, int proto, int dir)
* So we always check for ETHERTYPE_IP.
*/
b0 = gen_linktype(cstate, ETHERTYPE_IP);
#ifndef CHASE_CHAIN
b1 = gen_cmp(cstate, OR_LINKPL, 9, BPF_B, v);
#else
b1 = gen_protochain(cstate, v, Q_IP);
#endif
gen_and(b0, b1);
return b1;
@@ -6484,7 +6505,6 @@ gen_proto(compiler_state_t *cstate, bpf_u_int32 v, int proto, int dir)
case Q_IPV6:
b0 = gen_linktype(cstate, ETHERTYPE_IPV6);
#ifndef CHASE_CHAIN
/*
* Also check for a fragment header before the final
* header.
@@ -6494,9 +6514,6 @@ gen_proto(compiler_state_t *cstate, bpf_u_int32 v, int proto, int dir)
gen_and(b2, b1);
b2 = gen_cmp(cstate, OR_LINKPL, 6, BPF_B, v);
gen_or(b2, b1);
#else
b1 = gen_protochain(cstate, v, Q_IPV6);
#endif
gen_and(b0, b1);
return b1;
@@ -6550,6 +6567,7 @@ gen_proto(compiler_state_t *cstate, bpf_u_int32 v, int proto, int dir)
/*NOTREACHED*/
case DLT_C_HDLC:
case DLT_HDLC:
/*
* Cisco uses an Ethertype lookalike - for OSI,
* it's 0xfefe.
@@ -6935,12 +6953,14 @@ gen_scode(compiler_state_t *cstate, const char *name, struct qual q)
else
bpf_error(cstate, "unknown protocol: %s", name);
#if !defined(NO_PROTOCHAIN)
case Q_PROTOCHAIN:
real_proto = lookup_proto(cstate, name, proto);
if (real_proto >= 0)
return gen_protochain(cstate, real_proto, proto);
else
bpf_error(cstate, "unknown protocol: %s", name);
#endif /* !defined(NO_PROTOCHAIN) */
case Q_UNDEF:
syntax(cstate);
@@ -7113,8 +7133,10 @@ gen_ncode(compiler_state_t *cstate, const char *s, bpf_u_int32 v, struct qual q)
case Q_PROTO:
return gen_proto(cstate, v, proto, dir);
#if !defined(NO_PROTOCHAIN)
case Q_PROTOCHAIN:
return gen_protochain(cstate, v, proto);
#endif
case Q_UNDEF:
syntax(cstate);
@@ -7968,7 +7990,7 @@ gen_broadcast(compiler_state_t *cstate, int proto)
default:
bpf_error(cstate, "not a broadcast link");
}
/*NOTREACHED*/
/*NOTREACHED*/
case Q_IP:
/*
@@ -8300,12 +8322,10 @@ gen_inbound(compiler_state_t *cstate, int dir)
}
break;
#ifdef HAVE_NET_PFVAR_H
case DLT_PFLOG:
b0 = gen_cmp(cstate, OR_LINKHDR, offsetof(struct pfloghdr, dir), BPF_B,
((dir == 0) ? PF_IN : PF_OUT));
break;
#endif
case DLT_PPP_PPPD:
if (dir) {
@@ -8396,7 +8416,6 @@ gen_inbound(compiler_state_t *cstate, int dir)
return (b0);
}
#ifdef HAVE_NET_PFVAR_H
/* PF firewall log matched interface */
struct block *
gen_pf_ifname(compiler_state_t *cstate, const char *ifname)
@@ -8547,91 +8566,6 @@ gen_pf_action(compiler_state_t *cstate, int action)
(bpf_u_int32)action);
return (b0);
}
#else /* !HAVE_NET_PFVAR_H */
struct block *
gen_pf_ifname(compiler_state_t *cstate, const char *ifname _U_)
{
/*
* Catch errors reported by us and routines below us, and return NULL
* on an error.
*/
if (setjmp(cstate->top_ctx))
return (NULL);
bpf_error(cstate, "libpcap was compiled without pf support");
/*NOTREACHED*/
}
struct block *
gen_pf_ruleset(compiler_state_t *cstate, char *ruleset _U_)
{
/*
* Catch errors reported by us and routines below us, and return NULL
* on an error.
*/
if (setjmp(cstate->top_ctx))
return (NULL);
bpf_error(cstate, "libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
struct block *
gen_pf_rnr(compiler_state_t *cstate, int rnr _U_)
{
/*
* Catch errors reported by us and routines below us, and return NULL
* on an error.
*/
if (setjmp(cstate->top_ctx))
return (NULL);
bpf_error(cstate, "libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
struct block *
gen_pf_srnr(compiler_state_t *cstate, int srnr _U_)
{
/*
* Catch errors reported by us and routines below us, and return NULL
* on an error.
*/
if (setjmp(cstate->top_ctx))
return (NULL);
bpf_error(cstate, "libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
struct block *
gen_pf_reason(compiler_state_t *cstate, int reason _U_)
{
/*
* Catch errors reported by us and routines below us, and return NULL
* on an error.
*/
if (setjmp(cstate->top_ctx))
return (NULL);
bpf_error(cstate, "libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
struct block *
gen_pf_action(compiler_state_t *cstate, int action _U_)
{
/*
* Catch errors reported by us and routines below us, and return NULL
* on an error.
*/
if (setjmp(cstate->top_ctx))
return (NULL);
bpf_error(cstate, "libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
#endif /* HAVE_NET_PFVAR_H */
/* IEEE 802.11 wireless header */
struct block *
@@ -8721,7 +8655,7 @@ gen_acode(compiler_state_t *cstate, const char *s, struct qual q)
return (b);
} else
bpf_error(cstate, "ARCnet address used in non-arc expression");
/*NOTREACHED*/
/*NOTREACHED*/
default:
bpf_error(cstate, "aid supported only on ARCnet");
@@ -8757,27 +8691,27 @@ gen_ahostop(compiler_state_t *cstate, const u_char *eaddr, int dir)
case Q_ADDR1:
bpf_error(cstate, "'addr1' and 'address1' are only supported on 802.11");
/*NOTREACHED*/
/*NOTREACHED*/
case Q_ADDR2:
bpf_error(cstate, "'addr2' and 'address2' are only supported on 802.11");
/*NOTREACHED*/
/*NOTREACHED*/
case Q_ADDR3:
bpf_error(cstate, "'addr3' and 'address3' are only supported on 802.11");
/*NOTREACHED*/
/*NOTREACHED*/
case Q_ADDR4:
bpf_error(cstate, "'addr4' and 'address4' are only supported on 802.11");
/*NOTREACHED*/
/*NOTREACHED*/
case Q_RA:
bpf_error(cstate, "'ra' is only supported on 802.11");
/*NOTREACHED*/
/*NOTREACHED*/
case Q_TA:
bpf_error(cstate, "'ta' is only supported on 802.11");
/*NOTREACHED*/
/*NOTREACHED*/
}
abort();
/*NOTREACHED*/
@@ -8788,7 +8722,7 @@ gen_vlan_tpid_test(compiler_state_t *cstate)
{
struct block *b0, *b1;
/* check for VLAN, including QinQ */
/* check for VLAN, including 802.1ad and QinQ */
b0 = gen_linktype(cstate, ETHERTYPE_8021Q);
b1 = gen_linktype(cstate, ETHERTYPE_8021AD);
gen_or(b0,b1);
@@ -9095,6 +9029,7 @@ gen_mpls(compiler_state_t *cstate, bpf_u_int32 label_num_arg,
switch (cstate->linktype) {
case DLT_C_HDLC: /* fall through */
case DLT_HDLC:
case DLT_EN10MB:
case DLT_NETANALYZER:
case DLT_NETANALYZER_TRANSPARENT:

14
libpcap/gencode.h
View File

@@ -19,7 +19,19 @@
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
#ifndef gencode_h
#define gencode_h
#include "pcap/funcattrs.h"
/*
* pcap/bpf.h (a public header) needs u_char, u_short and u_int, which can be
* made available via either pcap-types.h (a private header) or pcap/pcap.h
* (a public header), none of which pcap/bpf.h includes. Include the private
* header to keep things simple, this way this private header should compile
* even if included early from another file.
*/
#include "pcap-types.h"
#include "pcap/bpf.h" /* bpf_u_int32 and BPF_MEMWORDS */
/*
* ATM support:
@@ -400,3 +412,5 @@ int pcap_parse(void *, compiler_state_t *);
/* XXX */
#define JT(b) ((b)->et.succ)
#define JF(b) ((b)->ef.succ)
#endif /* gencode_h */

1012
libpcap/grammar.c
View File

File diff suppressed because it is too large Load Diff

2
libpcap/grammar.h
View File

@@ -174,7 +174,7 @@ extern int pcap_debug;
union YYSTYPE
{
#line 321 "grammar.y" /* yacc.c:1909 */
#line 349 "grammar.y" /* yacc.c:1909 */
int i;
bpf_u_int32 h;

126
libpcap/grammar.y.in
View File

@@ -71,6 +71,13 @@
#include <config.h>
#endif
/*
* grammar.h requires gencode.h and sometimes breaks in a polluted namespace
* (see ftmacros.h), so include it early.
*/
#include "gencode.h"
#include "grammar.h"
#include <stdlib.h>
#ifndef _WIN32
@@ -92,17 +99,11 @@ struct rtentry;
#include "pcap-int.h"
#include "gencode.h"
#include "grammar.h"
#include "scanner.h"
#ifdef HAVE_NET_PFVAR_H
#include <net/if.h>
#include <net/pfvar.h>
#include <net/if_pflog.h>
#endif
#include "llc.h"
#include "ieee80211.h"
#include "pflog.h"
#include <pcap/namedb.h>
#ifdef HAVE_OS_PROTO_H
@@ -254,60 +255,87 @@ yyerror(void *yyscanner _U_, compiler_state_t *cstate, const char *msg)
bpf_set_error(cstate, "can't parse filter expression: %s", msg);
}
#ifdef HAVE_NET_PFVAR_H
static const struct tok pflog_reasons[] = {
{ PFRES_MATCH, "match" },
{ PFRES_BADOFF, "bad-offset" },
{ PFRES_FRAG, "fragment" },
{ PFRES_SHORT, "short" },
{ PFRES_NORM, "normalize" },
{ PFRES_MEMORY, "memory" },
{ PFRES_TS, "bad-timestamp" },
{ PFRES_CONGEST, "congestion" },
{ PFRES_IPOPTIONS, "ip-option" },
{ PFRES_PROTCKSUM, "proto-cksum" },
{ PFRES_BADSTATE, "state-mismatch" },
{ PFRES_STATEINS, "state-insert" },
{ PFRES_MAXSTATES, "state-limit" },
{ PFRES_SRCLIMIT, "src-limit" },
{ PFRES_SYNPROXY, "synproxy" },
#if defined(__FreeBSD__)
{ PFRES_MAPFAILED, "map-failed" },
#elif defined(__NetBSD__)
{ PFRES_STATELOCKED, "state-locked" },
#elif defined(__OpenBSD__)
{ PFRES_TRANSLATE, "translate" },
{ PFRES_NOROUTE, "no-route" },
#elif defined(__APPLE__)
{ PFRES_DUMMYNET, "dummynet" },
#endif
{ 0, NULL }
};
static int
pfreason_to_num(compiler_state_t *cstate, const char *reason)
{
const char *reasons[] = PFRES_NAMES;
int i;
for (i = 0; reasons[i]; i++) {
if (pcap_strcasecmp(reason, reasons[i]) == 0)
return (i);
}
bpf_set_error(cstate, "unknown PF reason \"%s\"", reason);
return (-1);
i = str2tok(reason, pflog_reasons);
if (i == -1)
bpf_set_error(cstate, "unknown PF reason \"%s\"", reason);
return (i);
}
static const struct tok pflog_actions[] = {
{ PF_PASS, "pass" },
{ PF_PASS, "accept" }, /* alias for "pass" */
{ PF_DROP, "drop" },
{ PF_DROP, "block" }, /* alias for "drop" */
{ PF_SCRUB, "scrub" },
{ PF_NOSCRUB, "noscrub" },
{ PF_NAT, "nat" },
{ PF_NONAT, "nonat" },
{ PF_BINAT, "binat" },
{ PF_NOBINAT, "nobinat" },
{ PF_RDR, "rdr" },
{ PF_NORDR, "nordr" },
{ PF_SYNPROXY_DROP, "synproxy-drop" },
#if defined(__FreeBSD__)
{ PF_DEFER, "defer" },
#elif defined(__OpenBSD__)
{ PF_DEFER, "defer" },
{ PF_MATCH, "match" },
{ PF_DIVERT, "divert" },
{ PF_RT, "rt" },
{ PF_AFRT, "afrt" },
#elif defined(__APPLE__)
{ PF_DUMMYNET, "dummynet" },
{ PF_NODUMMYNET, "nodummynet" },
{ PF_NAT64, "nat64" },
{ PF_NONAT64, "nonat64" },
#endif
{ 0, NULL },
};
static int
pfaction_to_num(compiler_state_t *cstate, const char *action)
{
if (pcap_strcasecmp(action, "pass") == 0 ||
pcap_strcasecmp(action, "accept") == 0)
return (PF_PASS);
else if (pcap_strcasecmp(action, "drop") == 0 ||
pcap_strcasecmp(action, "block") == 0)
return (PF_DROP);
#if HAVE_PF_NAT_THROUGH_PF_NORDR
else if (pcap_strcasecmp(action, "rdr") == 0)
return (PF_RDR);
else if (pcap_strcasecmp(action, "nat") == 0)
return (PF_NAT);
else if (pcap_strcasecmp(action, "binat") == 0)
return (PF_BINAT);
else if (pcap_strcasecmp(action, "nordr") == 0)
return (PF_NORDR);
#endif
else {
bpf_set_error(cstate, "unknown PF action \"%s\"", action);
return (-1);
}
}
#else /* !HAVE_NET_PFVAR_H */
static int
pfreason_to_num(compiler_state_t *cstate, const char *reason _U_)
{
bpf_set_error(cstate, "libpcap was compiled on a machine without pf support");
return (-1);
}
int i;
static int
pfaction_to_num(compiler_state_t *cstate, const char *action _U_)
{
bpf_set_error(cstate, "libpcap was compiled on a machine without pf support");
return (-1);
i = str2tok(action, pflog_actions);
if (i == -1)
bpf_set_error(cstate, "unknown PF action \"%s\"", action);
return (i);
}
#endif /* HAVE_NET_PFVAR_H */
/*
* For calls that might return an "an error occurred" value.

5
libpcap/libpcap.pc.in
View File

@@ -13,6 +13,7 @@ libdir="@libdir@"
Name: libpcap
Description: Platform-independent network traffic capture library
Version: @PACKAGE_VERSION@
Libs: -L${libdir} -l@PACKAGE_NAME@
Libs.private: @LIBS@
Requires.private: @REQUIRES_PRIVATE@
Libs: -L${libdir} @RPATH@ -l@PACKAGE_NAME@
Libs.private: @LIBS_PRIVATE@
Cflags: -I${includedir}

2
libpcap/missing/asprintf.c
View File

@@ -20,7 +20,7 @@ pcap_vasprintf(char **strp, const char *format, va_list args)
int ret;
/*
* XXX - the C99 standard says, in section 7.19.6.5 "Thes
* XXX - the C99 standard says, in section 7.19.6.5 "The
* nprintf function":
*
* The snprintf function is equivalent to fprintf, except that

23
libpcap/mkdep
View File

@@ -92,7 +92,7 @@ _EOF_
# hack can't deal with anything that requires a search path, and doesn't
# even try for anything using bracket (<>) syntax.
#
# egrep '^#include[ ]*".*"' /dev/null $* |
# grep -E '^#include[[:blank:]]*".*"' /dev/null $* |
# sed -e 's/:[^"]*"\([^"]*\)".*/: \1/' -e 's/\.c/.o/' |
#
@@ -108,26 +108,7 @@ done
$CC $DEPENDENCY_CFLAG $flags $sources |
sed "
s; \./; ;g
$SED" |
awk '{
if ($1 != prev) {
if (rec != "")
print rec;
rec = $0;
prev = $1;
}
else {
if (length(rec $2) > 78) {
print rec;
rec = $0;
}
else
rec = rec " " $2
}
}
END {
print rec
}' >> $TMP
$SED" >> $TMP
cat << _EOF_ >> $TMP

8
libpcap/msdos/makefile
View File

@@ -104,7 +104,7 @@ clean:
#
pkt_rx0.obj: msdos\pkt_rx0.asm
bpf_filt.obj: bpf_filt.c pcap-int.h pcap.h pcap-bpf.h gnuc.h
bpf_filt.obj: bpf_filt.c pcap-int.h pcap.h pcap-bpf.h
bpf_imag.obj: bpf_imag.c pcap-int.h pcap.h pcap-bpf.h
@@ -134,7 +134,7 @@ nametoad.obj: nametoad.c pcap-int.h pcap.h pcap-bpf.h gencode.h \
pcap-dos.obj: pcap-dos.c pcap.h pcap-bpf.h pcap-dos.h pcap-int.h \
msdos\pktdrvr.h
pktdrvr.obj: msdos\pktdrvr.c gnuc.h pcap-dos.h pcap-int.h \
pktdrvr.obj: msdos\pktdrvr.c pcap-dos.h pcap-int.h \
pcap.h pcap-bpf.h msdos\pktdrvr.h msdos\pkt_stub.inc
ndis2.obj: msdos\ndis2.c pcap-dos.h pcap-int.h pcap.h pcap-bpf.h \
@@ -142,7 +142,7 @@ ndis2.obj: msdos\ndis2.c pcap-dos.h pcap-int.h pcap.h pcap-bpf.h \
pkt_rx0.o32: msdos\pkt_rx0.asm
bpf_filt.o32: bpf_filt.c pcap-int.h pcap.h pcap-bpf.h gnuc.h
bpf_filt.o32: bpf_filt.c pcap-int.h pcap.h pcap-bpf.h
bpf_imag.o32: bpf_imag.c pcap-int.h pcap.h pcap-bpf.h
@@ -172,7 +172,7 @@ nametoad.o32: nametoad.c pcap-int.h pcap.h pcap-bpf.h gencode.h \
pcap-dos.o32: pcap-dos.c pcap.h pcap-bpf.h pcap-dos.h pcap-int.h \
msdos\pktdrvr.h
pktdrvr.o32: msdos\pktdrvr.c gnuc.h pcap-dos.h pcap-int.h \
pktdrvr.o32: msdos\pktdrvr.c pcap-dos.h pcap-int.h \
pcap.h pcap-bpf.h msdos\pktdrvr.h msdos\pkt_stub.inc
ndis2.o32: msdos\ndis2.c pcap-dos.h pcap-int.h pcap.h pcap-bpf.h \

47
libpcap/nametoaddr.c
View File

@@ -267,7 +267,7 @@ pcap_nametonetaddr(const char *name)
* *not* always get set if getnetbyname_r() succeeds.
*/
np = NULL;
err = getnetbyname_r(name, &result_buf, buf, sizeof buf, &np,
err = getnetbyname_r(name, &result_buf, buf, sizeof buf, &np,
&h_errnoval);
if (err != 0) {
/*
@@ -296,16 +296,16 @@ pcap_nametonetaddr(const char *name)
else
np = &result_buf;
#else
/*
* We don't have any getnetbyname_r(); either we have a
* getnetbyname() that uses thread-specific data, in which
* case we're thread-safe (sufficiently recent FreeBSD,
* sufficiently recent Darwin-based OS, sufficiently recent
* HP-UX, sufficiently recent Tru64 UNIX), or we have the
* traditional getnetbyname() (everything else, including
* current NetBSD and OpenBSD), in which case we're not
* thread-safe.
*/
/*
* We don't have any getnetbyname_r(); either we have a
* getnetbyname() that uses thread-specific data, in which
* case we're thread-safe (sufficiently recent FreeBSD,
* sufficiently recent Darwin-based OS, sufficiently recent
* HP-UX, sufficiently recent Tru64 UNIX), or we have the
* traditional getnetbyname() (everything else, including
* current NetBSD and OpenBSD), in which case we're not
* thread-safe.
*/
np = getnetbyname(name);
#endif
if (np != NULL)
@@ -552,16 +552,16 @@ pcap_nametoproto(const char *str)
else
p = &result_buf;
#else
/*
* We don't have any getprotobyname_r(); either we have a
* getprotobyname() that uses thread-specific data, in which
* case we're thread-safe (sufficiently recent FreeBSD,
* sufficiently recent Darwin-based OS, sufficiently recent
* HP-UX, sufficiently recent Tru64 UNIX, Windows), or we have
/*
* We don't have any getprotobyname_r(); either we have a
* getprotobyname() that uses thread-specific data, in which
* case we're thread-safe (sufficiently recent FreeBSD,
* sufficiently recent Darwin-based OS, sufficiently recent
* HP-UX, sufficiently recent Tru64 UNIX, Windows), or we have
* the traditional getprotobyname() (everything else, including
* current NetBSD and OpenBSD), in which case we're not
* thread-safe.
*/
* current NetBSD and OpenBSD), in which case we're not
* thread-safe.
*/
p = getprotobyname(str);
#endif
if (p != 0)
@@ -785,9 +785,14 @@ pcap_ether_hostton(const char *name)
{
register u_char *ap;
u_char a[6];
char namebuf[1024];
/*
* In AIX 7.1 and 7.2: int ether_hostton(char *, struct ether_addr *);
*/
pcap_strlcpy(namebuf, name, sizeof(namebuf));
ap = NULL;
if (ether_hostton(name, (struct ether_addr *)a) == 0) {
if (ether_hostton(namebuf, (struct ether_addr *)a) == 0) {
ap = (u_char *)malloc(6);
if (ap != NULL)
memcpy((char *)ap, (char *)a, 6);

30
libpcap/optimize.c
View File

@@ -32,13 +32,14 @@
#include <memory.h>
#include <setjmp.h>
#include <string.h>
#include <limits.h> /* for SIZE_MAX */
#include <errno.h>
#include "pcap-int.h"
#include "gencode.h"
#include "optimize.h"
#include "diag-control.h"
#ifdef HAVE_OS_PROTO_H
#include "os-proto.h"
@@ -2098,7 +2099,7 @@ opt_blks(opt_state_t *opt_state, struct icode *ic, int do_stmts)
* versions of the machine code, eventually returning
* to the first version. (We're really not doing a
* full loop detection, we're just testing for two
* passes in a row where where we do nothing but
* passes in a row where we do nothing but
* move branches.)
*/
return;
@@ -2421,6 +2422,9 @@ opt_error(opt_state_t *opt_state, const char *fmt, ...)
}
longjmp(opt_state->top_ctx, 1);
/* NOTREACHED */
#ifdef _AIX
PCAP_UNREACHABLE
#endif /* _AIX */
}
/*
@@ -2606,7 +2610,7 @@ opt_init(opt_state_t *opt_state, struct icode *ic)
}
/*
* Make sure the total memory required for both of them dosn't
* Make sure the total memory required for both of them doesn't
* overflow.
*/
if (block_memsize > SIZE_MAX - edge_memsize) {
@@ -2895,7 +2899,6 @@ icode_to_fcode(struct icode *ic, struct block *root, u_int *lenp,
if (fp == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc");
free(fp);
return NULL;
}
memset((char *)fp, 0, sizeof(*fp) * n);
@@ -2925,6 +2928,9 @@ conv_error(conv_state_t *conv_state, const char *fmt, ...)
va_end(ap);
longjmp(conv_state->top_ctx, 1);
/* NOTREACHED */
#ifdef _AIX
PCAP_UNREACHABLE
#endif /* _AIX */
}
/*
@@ -3023,14 +3029,14 @@ dot_dump_edge(struct icode *ic, struct block *block, FILE *out)
*
* example DOT for BPF `ip src host 1.1.1.1' is:
digraph BPF {
block0 [shape=ellipse, id="block-0" label="BLOCK0\n\n(000) ldh [12]\n(001) jeq #0x800 jt 2 jf 5" tooltip="val[A]=0 val[X]=0"];
block1 [shape=ellipse, id="block-1" label="BLOCK1\n\n(002) ld [26]\n(003) jeq #0x1010101 jt 4 jf 5" tooltip="val[A]=0 val[X]=0"];
block2 [shape=ellipse, id="block-2" label="BLOCK2\n\n(004) ret #68" tooltip="val[A]=0 val[X]=0", peripheries=2];
block3 [shape=ellipse, id="block-3" label="BLOCK3\n\n(005) ret #0" tooltip="val[A]=0 val[X]=0", peripheries=2];
"block0":se -> "block1":n [label="T"];
"block0":sw -> "block3":n [label="F"];
"block1":se -> "block2":n [label="T"];
"block1":sw -> "block3":n [label="F"];
block0 [shape=ellipse, id="block-0" label="BLOCK0\n\n(000) ldh [12]\n(001) jeq #0x800 jt 2 jf 5" tooltip="val[A]=0 val[X]=0"];
block1 [shape=ellipse, id="block-1" label="BLOCK1\n\n(002) ld [26]\n(003) jeq #0x1010101 jt 4 jf 5" tooltip="val[A]=0 val[X]=0"];
block2 [shape=ellipse, id="block-2" label="BLOCK2\n\n(004) ret #68" tooltip="val[A]=0 val[X]=0", peripheries=2];
block3 [shape=ellipse, id="block-3" label="BLOCK3\n\n(005) ret #0" tooltip="val[A]=0 val[X]=0", peripheries=2];
"block0":se -> "block1":n [label="T"];
"block0":sw -> "block3":n [label="F"];
"block1":se -> "block2":n [label="T"];
"block1":sw -> "block3":n [label="F"];
}
*
* After install graphviz on https://www.graphviz.org/, save it as bpf.dot

3
libpcap/pcap-airpcap.c
View File

@@ -627,6 +627,9 @@ airpcap_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
/*
* Loop through each packet.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
#define bhp ((AirpcapBpfHeader *)bp)
n = 0;

37
libpcap/pcap-bpf.c
View File

@@ -478,7 +478,7 @@ bpf_open(char *errbuf)
{
int fd = -1;
static const char cloning_device[] = "/dev/bpf";
int n = 0;
u_int n = 0;
char device[sizeof "/dev/bpf0000000000"];
static int no_cloning_bpf = 0;
@@ -503,12 +503,17 @@ bpf_open(char *errbuf)
((errno != EACCES && errno != ENOENT) ||
(fd = open(cloning_device, O_RDONLY)) == -1)) {
if (errno != ENOENT) {
if (errno == EACCES)
if (errno == EACCES) {
fd = PCAP_ERROR_PERM_DENIED;
else
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed - root privileges may be required",
cloning_device);
} else {
fd = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
errno, "(cannot open device) %s", cloning_device);
pcap_fmt_errmsg_for_errno(errbuf,
PCAP_ERRBUF_SIZE, errno,
"(cannot open device) %s", cloning_device);
}
return (fd);
}
no_cloning_bpf = 1;
@@ -521,7 +526,7 @@ bpf_open(char *errbuf)
* that isn't in use.
*/
do {
(void)snprintf(device, sizeof(device), "/dev/bpf%d", n++);
(void)snprintf(device, sizeof(device), "/dev/bpf%u", n++);
/*
* Initially try a read/write open (to allow the inject
* method to work). If that fails due to permission
@@ -577,8 +582,9 @@ bpf_open(char *errbuf)
* if any.
*/
fd = PCAP_ERROR_PERM_DENIED;
pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
errno, "(cannot open BPF device) %s", device);
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed - root privileges may be required",
device);
break;
default:
@@ -655,7 +661,11 @@ bpf_bind(int fd, const char *name, char *errbuf)
case ENXIO:
/*
* There's no such device.
*
* There's nothing more to say, so clear out the
* error message.
*/
errbuf[0] = '\0';
return (PCAP_ERROR_NO_SUCH_DEVICE);
case ENETDOWN:
@@ -1177,6 +1187,9 @@ pcap_read_bpf(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
/*
* Loop through each packet.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
#ifdef BIOCSTSTAMP
#define bhp ((struct bpf_xhdr *)bp)
@@ -2191,7 +2204,7 @@ pcap_activate_bpf(pcap_t *p)
*
* Otherwise, fail.
*/
if (errno != BPF_BIND_BUFFER_TOO_BIG) {
if (status != BPF_BIND_BUFFER_TOO_BIG) {
/*
* Special checks on macOS to deal
* with the way monitor mode was
@@ -2968,7 +2981,7 @@ get_if_flags(const char *name, bpf_u_int32 *flags, char *errbuf)
}
#else
static int
get_if_flags(const char *name _U_, bpf_u_int32 *flags _U_, char *errbuf _U_)
get_if_flags(const char *name _U_, bpf_u_int32 *flags, char *errbuf _U_)
{
/*
* Nothing we can do other than mark loopback devices as "the
@@ -3043,7 +3056,11 @@ monitor_mode(pcap_t *p, int set)
case ENXIO:
/*
* There's no such device.
*
* There's nothing more to say, so clear the
* error message.
*/
p->errbuf[0] = '\0';
close(sock);
return (PCAP_ERROR_NO_SUCH_DEVICE);

14
libpcap/pcap-bt-linux.c
View File

@@ -98,6 +98,14 @@ bt_findalldevs(pcap_if_list_t *devlistp, char *err_str)
goto done;
}
/*
* Zero the complete header, which is larger than dev_num because of tail
* padding, to silence Valgrind, which overshoots validating that dev_num
* has been set.
* https://github.com/the-tcpdump-group/libpcap/issues/1083
* https://bugs.kde.org/show_bug.cgi?id=448464
*/
memset(dev_list, 0, sizeof(*dev_list));
dev_list->dev_num = HCI_MAX_DEV;
if (ioctl(sock, HCIGETDEVLIST, (void *) dev_list) < 0)
@@ -359,9 +367,9 @@ bt_read_linux(pcap_t *handle, int max_packets _U_, pcap_handler callback, u_char
case HCI_CMSG_DIR:
memcpy(&in, CMSG_DATA(cmsg), sizeof in);
break;
case HCI_CMSG_TSTAMP:
memcpy(&pkth.ts, CMSG_DATA(cmsg),
sizeof pkth.ts);
case HCI_CMSG_TSTAMP:
memcpy(&pkth.ts, CMSG_DATA(cmsg),
sizeof pkth.ts);
break;
}
cmsg = CMSG_NXTHDR(&msg, cmsg);

320
libpcap/pcap-common.c
View File

@@ -28,11 +28,6 @@
#include <pcap-types.h>
#include "pcap-int.h"
#include "extract.h"
#include "pcap/sll.h"
#include "pcap/usb.h"
#include "pcap/nflog.h"
#include "pcap/can_socketcan.h"
#include "pcap-common.h"
@@ -168,11 +163,20 @@
#define LINKTYPE_ENC 109 /* OpenBSD IPSEC enc */
/*
* These three types are reserved for future use.
* These two types are reserved for future use.
*/
#define LINKTYPE_LANE8023 110 /* ATM LANE + 802.3 */
#define LINKTYPE_HIPPI 111 /* NetBSD HIPPI */
#define LINKTYPE_HDLC 112 /* NetBSD HDLC framing */
/*
* Used for NetBSD DLT_HDLC; from looking at the one driver in NetBSD
* that uses it, it's Cisco HDLC, so it's the same as DLT_C_HDLC/
* LINKTYPE_C_HDLC, but we define a separate value to avoid some
* compatibility issues with programs on NetBSD.
*
* All code should treat LINKTYPE_NETBSD_HDLC and LINKTYPE_C_HDLC the same.
*/
#define LINKTYPE_NETBSD_HDLC 112 /* NetBSD HDLC framing */
#define LINKTYPE_LINUX_SLL 113 /* Linux cooked socket capture */
#define LINKTYPE_LTALK 114 /* Apple LocalTalk hardware */
@@ -405,7 +409,7 @@
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Every frame contains a 32bit A429 label.
* More documentation on Arinc 429 can be found at
* http://www.condoreng.com/support/downloads/tutorials/ARINCTutorial.pdf
* https://web.archive.org/web/20040616233302/https://www.condoreng.com/support/downloads/tutorials/ARINCTutorial.pdf
*/
#define LINKTYPE_A429 184
@@ -956,13 +960,15 @@
/*
* Link-layer header type for upper-protocol layer PDU saves from wireshark.
*
* the actual contents are determined by two TAGs stored with each
* packet:
* EXP_PDU_TAG_LINKTYPE the link type (LINKTYPE_ value) of the
* original packet.
* the actual contents are determined by two TAGs, one or more of
* which is stored with each packet:
*
* EXP_PDU_TAG_PROTO_NAME the name of the wireshark dissector
* that can make sense of the data stored.
* EXP_PDU_TAG_DISSECTOR_NAME the name of the Wireshark dissector
* that can make sense of the data stored.
*
* EXP_PDU_TAG_HEUR_DISSECTOR_NAME the name of the Wireshark heuristic
* dissector that can make sense of the
* data stored.
*/
#define LINKTYPE_WIRESHARK_UPPER_PDU 252
@@ -1234,10 +1240,11 @@ static struct linktype_map {
{ DLT_FR, LINKTYPE_FRELAY },
#endif
{ DLT_ATM_RFC1483, LINKTYPE_ATM_RFC1483 },
{ DLT_ATM_RFC1483, LINKTYPE_ATM_RFC1483 },
{ DLT_RAW, LINKTYPE_RAW },
{ DLT_SLIP_BSDOS, LINKTYPE_SLIP_BSDOS },
{ DLT_PPP_BSDOS, LINKTYPE_PPP_BSDOS },
{ DLT_HDLC, LINKTYPE_NETBSD_HDLC },
/* BSD/OS Cisco HDLC */
{ DLT_C_HDLC, LINKTYPE_C_HDLC },
@@ -1391,286 +1398,3 @@ max_snaplen_for_dlt(int dlt)
return MAXIMUM_SNAPLEN;
}
}
/*
* DLT_LINUX_SLL packets with a protocol type of LINUX_SLL_P_CAN or
* LINUX_SLL_P_CANFD have SocketCAN headers in front of the payload,
* with the CAN ID being in host byte order.
*
* When reading a DLT_LINUX_SLL capture file, we need to check for those
* packets and convert the CAN ID from the byte order of the host that
* wrote the file to this host's byte order.
*/
static void
swap_linux_sll_header(const struct pcap_pkthdr *hdr, u_char *buf)
{
u_int caplen = hdr->caplen;
u_int length = hdr->len;
struct sll_header *shdr = (struct sll_header *)buf;
uint16_t protocol;
pcap_can_socketcan_hdr *chdr;
if (caplen < (u_int) sizeof(struct sll_header) ||
length < (u_int) sizeof(struct sll_header)) {
/* Not enough data to have the protocol field */
return;
}
protocol = EXTRACT_BE_U_2(&shdr->sll_protocol);
if (protocol != LINUX_SLL_P_CAN && protocol != LINUX_SLL_P_CANFD)
return;
/*
* SocketCAN packet; fix up the packet's header.
*/
chdr = (pcap_can_socketcan_hdr *)(buf + sizeof(struct sll_header));
if (caplen < (u_int) sizeof(struct sll_header) + sizeof(chdr->can_id) ||
length < (u_int) sizeof(struct sll_header) + sizeof(chdr->can_id)) {
/* Not enough data to have the CAN ID */
return;
}
chdr->can_id = SWAPLONG(chdr->can_id);
}
/*
* The DLT_USB_LINUX and DLT_USB_LINUX_MMAPPED headers are in host
* byte order when capturing (it's supplied directly from a
* memory-mapped buffer shared by the kernel).
*
* When reading a DLT_USB_LINUX or DLT_USB_LINUX_MMAPPED capture file,
* we need to convert it from the byte order of the host that wrote
* the file to this host's byte order.
*/
static void
swap_linux_usb_header(const struct pcap_pkthdr *hdr, u_char *buf,
int header_len_64_bytes)
{
pcap_usb_header_mmapped *uhdr = (pcap_usb_header_mmapped *)buf;
bpf_u_int32 offset = 0;
/*
* "offset" is the offset *past* the field we're swapping;
* we skip the field *before* checking to make sure
* the captured data length includes the entire field.
*/
/*
* The URB id is a totally opaque value; do we really need to
* convert it to the reading host's byte order???
*/
offset += 8; /* skip past id */
if (hdr->caplen < offset)
return;
uhdr->id = SWAPLL(uhdr->id);
offset += 4; /* skip past various 1-byte fields */
offset += 2; /* skip past bus_id */
if (hdr->caplen < offset)
return;
uhdr->bus_id = SWAPSHORT(uhdr->bus_id);
offset += 2; /* skip past various 1-byte fields */
offset += 8; /* skip past ts_sec */
if (hdr->caplen < offset)
return;
uhdr->ts_sec = SWAPLL(uhdr->ts_sec);
offset += 4; /* skip past ts_usec */
if (hdr->caplen < offset)
return;
uhdr->ts_usec = SWAPLONG(uhdr->ts_usec);
offset += 4; /* skip past status */
if (hdr->caplen < offset)
return;
uhdr->status = SWAPLONG(uhdr->status);
offset += 4; /* skip past urb_len */
if (hdr->caplen < offset)
return;
uhdr->urb_len = SWAPLONG(uhdr->urb_len);
offset += 4; /* skip past data_len */
if (hdr->caplen < offset)
return;
uhdr->data_len = SWAPLONG(uhdr->data_len);
if (uhdr->transfer_type == URB_ISOCHRONOUS) {
offset += 4; /* skip past s.iso.error_count */
if (hdr->caplen < offset)
return;
uhdr->s.iso.error_count = SWAPLONG(uhdr->s.iso.error_count);
offset += 4; /* skip past s.iso.numdesc */
if (hdr->caplen < offset)
return;
uhdr->s.iso.numdesc = SWAPLONG(uhdr->s.iso.numdesc);
} else
offset += 8; /* skip USB setup header */
/*
* With the old header, there are no isochronous descriptors
* after the header.
*
* With the new header, the actual number of descriptors in
* the header is not s.iso.numdesc, it's ndesc - only the
* first N descriptors, for some value of N, are put into
* the header, and ndesc is set to the actual number copied.
* In addition, if s.iso.numdesc is negative, no descriptors
* are captured, and ndesc is set to 0.
*/
if (header_len_64_bytes) {
/*
* This is either the "version 1" header, with
* 16 bytes of additional fields at the end, or
* a "version 0" header from a memory-mapped
* capture, with 16 bytes of zeroed-out padding
* at the end. Byte swap them as if this were
* a "version 1" header.
*/
offset += 4; /* skip past interval */
if (hdr->caplen < offset)
return;
uhdr->interval = SWAPLONG(uhdr->interval);
offset += 4; /* skip past start_frame */
if (hdr->caplen < offset)
return;
uhdr->start_frame = SWAPLONG(uhdr->start_frame);
offset += 4; /* skip past xfer_flags */
if (hdr->caplen < offset)
return;
uhdr->xfer_flags = SWAPLONG(uhdr->xfer_flags);
offset += 4; /* skip past ndesc */
if (hdr->caplen < offset)
return;
uhdr->ndesc = SWAPLONG(uhdr->ndesc);
if (uhdr->transfer_type == URB_ISOCHRONOUS) {
/* swap the values in struct linux_usb_isodesc */
usb_isodesc *pisodesc;
uint32_t i;
pisodesc = (usb_isodesc *)(void *)(buf+offset);
for (i = 0; i < uhdr->ndesc; i++) {
offset += 4; /* skip past status */
if (hdr->caplen < offset)
return;
pisodesc->status = SWAPLONG(pisodesc->status);
offset += 4; /* skip past offset */
if (hdr->caplen < offset)
return;
pisodesc->offset = SWAPLONG(pisodesc->offset);
offset += 4; /* skip past len */
if (hdr->caplen < offset)
return;
pisodesc->len = SWAPLONG(pisodesc->len);
offset += 4; /* skip past padding */
pisodesc++;
}
}
}
}
/*
* The DLT_NFLOG "packets" have a mixture of big-endian and host-byte-order
* data. They begin with a fixed-length header with big-endian fields,
* followed by a set of TLVs, where the type and length are in host
* byte order but the values are either big-endian or are a raw byte
* sequence that's the same regardless of the host's byte order.
*
* When reading a DLT_NFLOG capture file, we need to convert the type
* and length values from the byte order of the host that wrote the
* file to the byte order of this host.
*/
static void
swap_nflog_header(const struct pcap_pkthdr *hdr, u_char *buf)
{
u_char *p = buf;
nflog_hdr_t *nfhdr = (nflog_hdr_t *)buf;
nflog_tlv_t *tlv;
u_int caplen = hdr->caplen;
u_int length = hdr->len;
uint16_t size;
if (caplen < (u_int) sizeof(nflog_hdr_t) ||
length < (u_int) sizeof(nflog_hdr_t)) {
/* Not enough data to have any TLVs. */
return;
}
if (nfhdr->nflog_version != 0) {
/* Unknown NFLOG version */
return;
}
length -= sizeof(nflog_hdr_t);
caplen -= sizeof(nflog_hdr_t);
p += sizeof(nflog_hdr_t);
while (caplen >= sizeof(nflog_tlv_t)) {
tlv = (nflog_tlv_t *) p;
/* Swap the type and length. */
tlv->tlv_type = SWAPSHORT(tlv->tlv_type);
tlv->tlv_length = SWAPSHORT(tlv->tlv_length);
/* Get the length of the TLV. */
size = tlv->tlv_length;
if (size % 4 != 0)
size += 4 - size % 4;
/* Is the TLV's length less than the minimum? */
if (size < sizeof(nflog_tlv_t)) {
/* Yes. Give up now. */
return;
}
/* Do we have enough data for the full TLV? */
if (caplen < size || length < size) {
/* No. */
return;
}
/* Skip over the TLV. */
length -= size;
caplen -= size;
p += size;
}
}
void
swap_pseudo_headers(int linktype, struct pcap_pkthdr *hdr, u_char *data)
{
/*
* Convert pseudo-headers from the byte order of
* the host on which the file was saved to our
* byte order, as necessary.
*/
switch (linktype) {
case DLT_LINUX_SLL:
swap_linux_sll_header(hdr, data);
break;
case DLT_USB_LINUX:
swap_linux_usb_header(hdr, data, 0);
break;
case DLT_USB_LINUX_MMAPPED:
swap_linux_usb_header(hdr, data, 1);
break;
case DLT_NFLOG:
swap_nflog_header(hdr, data);
break;
}
}

25
libpcap/pcap-common.h
View File

@@ -21,33 +21,8 @@
* pcap-common.h - common code for pcap and pcapng files
*/
/*
* We use the "receiver-makes-right" approach to byte order,
* because time is at a premium when we are writing the file.
* In other words, the pcap_file_header and pcap_pkthdr,
* records are written in host byte order.
* Note that the bytes of packet data are written out in the order in
* which they were received, so multi-byte fields in packets are not
* written in host byte order, they're written in whatever order the
* sending machine put them in.
*
* ntoh[ls] aren't sufficient because we might need to swap on a big-endian
* machine (if the file was written in little-end order).
*/
#define SWAPLONG(y) \
(((((u_int)(y))&0xff)<<24) | \
((((u_int)(y))&0xff00)<<8) | \
((((u_int)(y))&0xff0000)>>8) | \
((((u_int)(y))>>24)&0xff))
#define SWAPSHORT(y) \
((u_short)(((((u_int)(y))&0xff)<<8) | \
((((u_int)(y))&0xff00)>>8)))
extern int dlt_to_linktype(int dlt);
extern int linktype_to_dlt(int linktype);
extern void swap_pseudo_headers(int linktype, struct pcap_pkthdr *hdr,
u_char *data);
extern u_int max_snaplen_for_dlt(int dlt);

2
libpcap/pcap-config.1
View File

@@ -68,5 +68,5 @@ dynamically-linked version of libpcap; the
.B \-\-static
flag causes it to write flags appropriate for compiling with a
statically-linked version of libpcap.
.SH "SEE ALSO"
.SH SEE ALSO
.BR pcap (3PCAP)

102
libpcap/pcap-config.in
View File

@@ -12,13 +12,15 @@ prefix="@prefix@"
exec_prefix="@exec_prefix@"
includedir="@includedir@"
libdir="@libdir@"
V_RPATH_OPT="@V_RPATH_OPT@"
LIBS="@LIBS@"
PACKAGE_NAME="@PACKAGE_NAME@"
LIBS_STATIC="@LIBS_STATIC@"
VERSION="@PACKAGE_VERSION@"
static=0
static_pcap_only=0
show_cflags=0
show_libs=0
show_additional_libs=0
while [ "$#" != 0 ]
do
case "$1" in
@@ -27,6 +29,10 @@ do
static=1
;;
--static-pcap-only)
static_pcap_only=1
;;
--cflags)
show_cflags=1
;;
@@ -38,49 +44,107 @@ do
--additional-libs)
show_additional_libs=1
;;
-h|--help)
echo "Usage: pcap-config [ --help ] [--version] [ --static | --static-pcap-only ] [ --libs | --additional-libs ]"
exit 0
;;
--version)
echo "$VERSION"
exit 0
;;
*)
echo "pcap-config: Invalid command-line option $1 specified" 1>&2
echo "Usage: pcap-config [ --help ] [ --static | --static-pcap-only ] [ --libs | --additional-libs ]" 1>&2
exit 1
;;
esac
shift
done
if [ "$V_RPATH_OPT" != "" ]
#
# If we aren't installing in /usr, then provide a -L flag to let build
# processes find our library.
#
# (We must check $prefix, as $libdir isn't necessarily /usr/lib in this
# case - for example, Linux distributions for 64-bit platforms that
# also provide support for binaries for a 32-bit version of the
# platform may put the 64-bit libraries, the 32-bit libraries, or both
# in directories other than /usr/lib.)
#
if [ "$prefix" != "/usr" ]
then
#
# If libdir isn't /usr/lib, add it to the run-time linker path.
#
if [ "$libdir" != "/usr/lib" ]
then
RPATH=$V_RPATH_OPT$libdir
fi
LPATH=-L$libdir
fi
if [ "$static" = 1 ]
then
#
# Include LIBS so that the flags include libraries containing
# routines that libpcap uses.
# Include LIBS_STATIC so that the flags include libraries
# containing routines that libpcap uses, and libraries
# containing routines those libraries use, etc., so that a
# completely statically linked program - i.e., linked only with
# static libraries - will be linked with all necessary
# libraries.
#
if [ "$show_cflags" = 1 -a "$show_libs" = 1 ]
then
echo "-I$includedir -L$libdir -lpcap $LIBS"
echo "-I$includedir $LPATH -l@PACKAGE_NAME@ $LIBS_STATIC"
elif [ "$show_cflags" = 1 -a "$show_additional_libs" = 1 ]
then
echo "-I$includedir -L$libdir $LIBS"
echo "-I$includedir $LPATH $LIBS_STATIC"
elif [ "$show_cflags" = 1 ]
then
echo "-I$includedir"
elif [ "$show_libs" = 1 ]
then
echo "-L$libdir -lpcap $LIBS"
echo "$LPATH -l@PACKAGE_NAME@ $LIBS_STATIC"
elif [ "$show_additional_libs" = 1 ]
then
echo "$LIBS_STATIC"
fi
elif [ "$static_pcap_only" = 1 ]
then
#
# Include LIBS so that the flags include libraries
# containing routines that libpcap uses, but not the libraries
# on which libpcap depends, so that an otherwise
# dynamically-linked program, linked statically only with
# libpcap - i.e., linked with a static libpcap and dynamic
# versions of other libraries - will be linked with all
# necessary libraries.
#
if [ "$show_cflags" = 1 -a "$show_libs" = 1 ]
then
echo "-I$includedir $LPATH -l@PACKAGE_NAME@ $LIBS"
elif [ "$show_cflags" = 1 -a "$show_additional_libs" = 1 ]
then
echo "-I$includedir $LPATH $LIBS"
elif [ "$show_cflags" = 1 ]
then
echo "-I$includedir"
elif [ "$show_libs" = 1 ]
then
echo "$LPATH -l@PACKAGE_NAME@ $LIBS"
elif [ "$show_additional_libs" = 1 ]
then
echo "$LIBS"
fi
else
#
# Omit LIBS - libpcap is assumed to be linked with those
# libraries, so there's no need to do so explicitly.
# Don't included LIBS or LIBS_STATIC, for building a program
# with a dynamic libpcap; libpcap, being a dynamic library, will
# cause all of its dynamic-library dependencies to be pulled in
# at run time.
#
# Do, however, include RPATH, to make sure that, on platforms
# that require this, programs built with this version of
# libpcap can find it at run time.
#
if [ "$show_cflags" = 1 -a "$show_libs" = 1 ]
then
echo "-I$includedir -L$libdir $RPATH -l$PACKAGE_NAME"
echo "-I$includedir $LPATH @RPATH@ -l@PACKAGE_NAME@"
elif [ "$show_cflags" = 1 -a "$show_additional_libs" = 1 ]
then
echo "-I$includedir"
@@ -89,6 +153,6 @@ else
echo "-I$includedir"
elif [ "$show_libs" = 1 ]
then
echo "-L$libdir $RPATH -l$PACKAGE_NAME"
echo "$LPATH @RPATH@ -l@PACKAGE_NAME@"
fi
fi

34
libpcap/pcap-dag.c
View File

@@ -213,7 +213,7 @@ static int dag_get_datalink(pcap_t *p);
static int dag_setnonblock(pcap_t *p, int nonblock);
static void
delete_pcap_dag(pcap_t *p)
delete_pcap_dag(const pcap_t *p)
{
pcap_dag_node_t *curr = NULL, *prev = NULL;
@@ -299,7 +299,7 @@ new_pcap_dag(pcap_t *p)
}
static unsigned int
dag_erf_ext_header_count(uint8_t * erf, size_t len)
dag_erf_ext_header_count(const uint8_t *erf, size_t len)
{
uint32_t hdr_num = 0;
uint8_t hdr_type;
@@ -391,7 +391,12 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
}
/* Process the packets. */
/*
* Process the packets.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
while (pd->dag_mem_top - pd->dag_mem_bottom >= dag_record_size) {
unsigned short packet_len = 0;
@@ -731,7 +736,7 @@ dag_inject(pcap_t *p, const void *buf _U_, int size _U_)
* API polling parameters.
*
* snaplen is now also ignored, until we get per-stream slen support. Set
* slen with approprite DAG tool BEFORE pcap_activate().
* slen with appropriate DAG tool BEFORE pcap_activate().
*
* See also pcap(3).
*/
@@ -788,14 +793,23 @@ static int dag_activate(pcap_t* p)
/*
* XXX - does this reliably set errno?
*/
if (errno == ENOENT)
if (errno == ENOENT) {
/*
* There's nothing more to say, so clear
* the error message.
*/
ret = PCAP_ERROR_NO_SUCH_DEVICE;
else if (errno == EPERM || errno == EACCES)
p->errbuf[0] = '\0';
} else if (errno == EPERM || errno == EACCES) {
ret = PCAP_ERROR_PERM_DENIED;
else
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed with %s - additional privileges may be required",
device, (errno == EPERM) ? "EPERM" : "EACCES");
} else {
ret = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE,
errno, "dag_config_init %s", device);
pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE,
errno, "dag_config_init %s", device);
}
goto fail;
}
@@ -945,7 +959,7 @@ static int dag_activate(pcap_t* p)
* Did the user request that they not be stripped?
*/
if ((s = getenv("ERF_DONT_STRIP_FCS")) != NULL) {
/* Yes. Note the number of bytes that will be
/* Yes. Note the number of 16-bit words that will be
supplied. */
p->linktype_ext = LT_FCS_DATALINK_EXT(pd->dag_fcs_bits/16);

6
libpcap/pcap-dll.rc
View File

@@ -20,12 +20,12 @@
VALUE "Comments", "https://github.com/the-tcpdump-group/libpcap/"
VALUE "CompanyName", "The TCPdump Group"
VALUE "FileDescription", "System-Independent Interface for User-Level Packet Capture"
VALUE "FileVersion", "PACKAGE_VERSION_DLL"
VALUE "FileVersion", PACKAGE_VERSION
VALUE "InternalName", PACKAGE_NAME
VALUE "LegalCopyright", "Copyright (c) The TCPdump Group"
VALUE "LegalTrademarks", ""
VALUE "OriginalFilename", "wpcap.dll"
VALUE "ProductName", PACKAGE_NAME
VALUE "OriginalFilename", PACKAGE_NAME ".dll"
VALUE "ProductName", "libpcap"
VALUE "ProductVersion", PACKAGE_VERSION
END
END

78
libpcap/pcap-dlpi.c
View File

@@ -146,7 +146,7 @@ static int dl_dohpuxbind(int, char *);
static int dlpromiscon(pcap_t *, bpf_u_int32);
static int dlbindreq(int, bpf_u_int32, char *);
static int dlbindack(int, char *, char *, int *);
static int dlokack(int, const char *, char *, char *);
static int dlokack(int, const char *, char *, char *, int *);
static int dlinforeq(int, char *);
static int dlinfoack(int, char *, char *);
@@ -366,8 +366,12 @@ open_dlpi_device(const char *name, u_int *ppa, char *errbuf)
* chop off the unit number, so "dname" is just a device type name.
*/
cp = split_dname(dname, &unit, errbuf);
if (cp == NULL)
if (cp == NULL) {
/*
* split_dname() has filled in the error message.
*/
return (PCAP_ERROR_NO_SUCH_DEVICE);
}
*cp = '\0';
/*
@@ -383,12 +387,16 @@ open_dlpi_device(const char *name, u_int *ppa, char *errbuf)
*/
cp = "/dev/dlpi";
if ((fd = open(cp, O_RDWR)) < 0) {
if (errno == EPERM || errno == EACCES)
if (errno == EPERM || errno == EACCES) {
status = PCAP_ERROR_PERM_DENIED;
else
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed with %s - root privilege may be required",
cp, (errno == EPERM) ? "EPERM" : "EACCES");
} else {
status = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
errno, "%s", cp);
pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
errno, "Attempt to open %s failed", cp);
}
return (status);
}
@@ -419,8 +427,12 @@ open_dlpi_device(const char *name, u_int *ppa, char *errbuf)
* type name.
*/
cp = split_dname(dname, ppa, errbuf);
if (cp == NULL)
if (cp == NULL) {
/*
* split_dname() has filled in the error message.
*/
return (PCAP_ERROR_NO_SUCH_DEVICE);
}
/*
* Make a copy of the device pathname, and then remove the unit
@@ -432,12 +444,18 @@ open_dlpi_device(const char *name, u_int *ppa, char *errbuf)
/* Try device without unit number */
if ((fd = open(dname, O_RDWR)) < 0) {
if (errno != ENOENT) {
if (errno == EPERM || errno == EACCES)
if (errno == EPERM || errno == EACCES) {
status = PCAP_ERROR_PERM_DENIED;
else
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed with %s - root privilege may be required",
dname,
(errno == EPERM) ? "EPERM" : "EACCES");
} else {
status = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(errbuf, PCAP_ERRBUF_SIZE,
errno, "%s", dname);
pcap_fmt_errmsg_for_errno(errbuf,
PCAP_ERRBUF_SIZE, errno,
"Attempt to open %s failed", dname);
}
return (status);
}
@@ -472,12 +490,19 @@ open_dlpi_device(const char *name, u_int *ppa, char *errbuf)
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"%s: No DLPI device found", name);
} else {
if (errno == EPERM || errno == EACCES)
if (errno == EPERM || errno == EACCES) {
status = PCAP_ERROR_PERM_DENIED;
else
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed with %s - root privilege may be required",
dname2,
(errno == EPERM) ? "EPERM" : "EACCES");
} else {
status = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(errbuf,
PCAP_ERRBUF_SIZE, errno, "%s", dname2);
pcap_fmt_errmsg_for_errno(errbuf,
PCAP_ERRBUF_SIZE, errno,
"Attempt to open %s failed",
dname2);
}
}
return (status);
}
@@ -915,7 +940,7 @@ dl_doattach(int fd, int ppa, char *ebuf)
if (send_request(fd, (char *)&req, sizeof(req), "attach", ebuf) < 0)
return (PCAP_ERROR);
err = dlokack(fd, "attach", (char *)buf, ebuf);
err = dlokack(fd, "attach", (char *)buf, ebuf, NULL);
if (err < 0)
return (err);
return (0);
@@ -980,6 +1005,7 @@ dlpromiscon(pcap_t *p, bpf_u_int32 level)
dl_promiscon_req_t req;
bpf_u_int32 buf[MAXDLBUF];
int err;
int uerror;
req.dl_primitive = DL_PROMISCON_REQ;
req.dl_level = level;
@@ -987,9 +1013,16 @@ dlpromiscon(pcap_t *p, bpf_u_int32 level)
p->errbuf) < 0)
return (PCAP_ERROR);
err = dlokack(p->fd, "promiscon" STRINGIFY(level), (char *)buf,
p->errbuf);
if (err < 0)
p->errbuf, &uerror);
if (err < 0) {
if (err == PCAP_ERROR_PERM_DENIED) {
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to set promiscuous mode failed with %s - root privilege may be required",
(uerror == EPERM) ? "EPERM" : "EACCES");
err = PCAP_ERROR_PROMISC_PERM_DENIED;
}
return (err);
}
return (0);
}
@@ -1196,6 +1229,9 @@ recv_ack(int fd, int size, const char *what, char *bufp, char *ebuf, int *uerror
break;
default:
/*
* Neither EPERM nor EACCES.
*/
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"recv_ack: %s: %s", what,
dlstrerror(errmsgbuf, sizeof (errmsgbuf), dlp->error_ack.dl_errno));
@@ -1452,10 +1488,10 @@ dlbindack(int fd, char *bufp, char *ebuf, int *uerror)
}
static int
dlokack(int fd, const char *what, char *bufp, char *ebuf)
dlokack(int fd, const char *what, char *bufp, char *ebuf, int *uerror)
{
return (recv_ack(fd, DL_OK_ACK_SIZE, what, bufp, ebuf, NULL));
return (recv_ack(fd, DL_OK_ACK_SIZE, what, bufp, ebuf, uerror));
}
@@ -1490,7 +1526,7 @@ dlpassive(int fd, char *ebuf)
req.dl_primitive = DL_PASSIVE_REQ;
if (send_request(fd, (char *)&req, sizeof(req), "dlpassive", ebuf) == 0)
(void) dlokack(fd, "dlpassive", (char *)buf, ebuf);
(void) dlokack(fd, "dlpassive", (char *)buf, ebuf, NULL);
}
#endif

26
libpcap/pcap-dos.c
View File

@@ -12,6 +12,7 @@
#include <signal.h>
#include <float.h>
#include <fcntl.h>
#include <limits.h> /* for INT_MAX */
#include <io.h>
#if defined(USE_32BIT_DRIVERS)
@@ -355,7 +356,22 @@ pcap_read_dos (pcap_t *p, int cnt, pcap_handler callback, u_char *data)
{
int rc, num = 0;
while (num <= cnt || PACKET_COUNT_IS_UNLIMITED(cnt))
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(cnt))
cnt = INT_MAX;
while (num <= cnt)
{
if (p->fd <= 0)
return (-1);
@@ -553,7 +569,7 @@ int pcap_lookupnet (const char *device, bpf_u_int32 *localnet,
/*
* Get a list of all interfaces that are present and that we probe okay.
* Returns -1 on error, 0 otherwise.
* The list may be NULL epty if no interfaces were up and could be opened.
* The list may be NULL empty if no interfaces were up and could be opened.
*/
int pcap_platform_finddevs (pcap_if_list_t *devlistp, char *errbuf)
{
@@ -1188,14 +1204,14 @@ static void ndis_close (struct device *dev)
static int ndis_open (struct device *dev)
{
int promis = (dev->flags & IFF_PROMISC);
int promisc = (dev->flags & IFF_PROMISC);
#ifdef USE_NDIS2
if (!NdisInit(promis))
if (!NdisInit(promisc))
return (0);
return (1);
#else
ARGSUSED (promis);
ARGSUSED (promisc);
return (0);
#endif
}

22
libpcap/pcap-dpdk.c
View File

@@ -50,7 +50,7 @@ sed -i 's/CONFIG_RTE_BUILD_SHARED_LIB=n/CONFIG_RTE_BUILD_SHARED_LIB=y/' $RTE_SDK
You shall learn how to bind nic with DPDK-compatible driver by $RTE_SDK/usertools/dpdk-devbind.py, such as igb_uio.
And enable hugepages by dpdk-setup.sh
Then launch the l2fwd with dynamic dirver support. For example:
Then launch the l2fwd with dynamic driver support. For example:
$RTE_SDK/examples/l2fwd/$RTE_TARGET/l2fwd -dlibrte_pmd_e1000.so -dlibrte_pmd_ixgbe.so -dlibrte_mempool_ring.so -- -p 0x1
3. Compile libpcap with dpdk options.
@@ -85,6 +85,7 @@ env DPDK_CFG="--log-level=debug -l0 -dlibrte_pmd_e1000.so -dlibrte_pmd_ixgbe.so
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <limits.h> /* for INT_MAX */
#include <time.h>
#include <sys/time.h>
@@ -331,13 +332,28 @@ static int pcap_dpdk_dispatch(pcap_t *p, int max_cnt, pcap_handler cb, u_char *c
u_char *large_buffer=NULL;
int timeout_ms = p->opt.timeout;
if ( !PACKET_COUNT_IS_UNLIMITED(max_cnt) && max_cnt < MAX_PKT_BURST){
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(max_cnt))
max_cnt = INT_MAX;
if (max_cnt < MAX_PKT_BURST){
burst_cnt = max_cnt;
}else{
burst_cnt = MAX_PKT_BURST;
}
while( PACKET_COUNT_IS_UNLIMITED(max_cnt) || pkt_cnt < max_cnt){
while( pkt_cnt < max_cnt){
if (p->break_loop){
p->break_loop = 0;
return PCAP_ERROR_BREAK;

417
libpcap/pcap-filter.manmisc.in
View File

@@ -18,14 +18,14 @@
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.TH PCAP-FILTER @MAN_MISC_INFO@ "6 February 2021"
.TH PCAP-FILTER @MAN_MISC_INFO@ "19 November 2022"
.SH NAME
pcap-filter \- packet filter syntax
.br
.ad
.SH DESCRIPTION
.LP
.BR pcap_compile ()
.BR pcap_compile (3PCAP)
is used to compile a string into a filter program.
The resulting filter program can then be applied to
some stream of packets to determine which packets will be supplied to
@@ -88,7 +88,7 @@ qualifiers are only valid for IEEE 802.11 Wireless LAN link layers.
.I proto
qualifiers restrict the match to a particular protocol.
Possible
protos are:
protocols are:
.BR ether ,
.BR fddi ,
.BR tr ,
@@ -98,18 +98,19 @@ protos are:
.BR arp ,
.BR rarp ,
.BR decnet ,
.BR sctp ,
.B tcp
and
.BR udp .
E.g., `\fBether src\fP foo', `\fBarp net\fP 128.3', `\fBtcp port\fP 21',
`\fBudp portrange\fP 7000-7009', `\fBwlan addr2\fP 0:2:3:4:5:6'.
If there is
no proto qualifier, all protocols consistent with the type are
assumed.
E.g., `\fBsrc\fP foo' means `\fB(ip or arp or rarp) src\fP foo'
(except the latter is not legal syntax), `\fBnet\fP bar' means `\fB(ip or
arp or rarp) net\fP bar' and `\fBport\fP 53' means `\fB(tcp or udp)
port\fP 53'.
If there is no
.I proto
qualifier, all protocols consistent with the type are assumed.
E.g., `\fBsrc\fP foo' means `\fB(ip or arp or rarp) src\fP foo',
`\fBnet\fP bar' means `\fB(ip or arp or rarp) net\fP bar' and
`\fBport\fP 53' means `\fB(tcp or udp or sctp) port\fP 53'
(note that these examples use invalid syntax to illustrate the principle).
.LP
[\fBfddi\fP is actually an alias for \fBether\fP; the parser treats them
identically as meaning ``the data link level used on the specified
@@ -149,40 +150,40 @@ E.g.,
`\fBtcp dst port\fP ftp \fBor tcp dst port\fP ftp-data \fBor tcp dst port\fP domain'.
.LP
Allowable primitives are:
.IP "\fBdst host \fIhost\fR"
True if the IPv4/v6 destination field of the packet is \fIhost\fP,
.IP "\fBdst host \fIhostnameaddr\fR"
True if the IPv4/v6 destination field of the packet is \fIhostnameaddr\fP,
which may be either an address or a name.
.IP "\fBsrc host \fIhost\fR"
True if the IPv4/v6 source field of the packet is \fIhost\fP.
.IP "\fBhost \fIhost\fP"
True if either the IPv4/v6 source or destination of the packet is \fIhost\fP.
.IP "\fBsrc host \fIhostnameaddr\fR"
True if the IPv4/v6 source field of the packet is \fIhostnameaddr\fP.
.IP "\fBhost \fIhostnameaddr\fP"
True if either the IPv4/v6 source or destination of the packet is \fIhostnameaddr\fP.
.IP
Any of the above host expressions can be prepended with the keywords,
\fBip\fP, \fBarp\fP, \fBrarp\fP, or \fBip6\fP as in:
.in +.5i
.nf
\fBip host \fIhost\fR
\fBip host \fIhostnameaddr\fR
.fi
.in -.5i
which is equivalent to:
.in +.5i
.nf
\fBether proto \\ip and host \fIhost\fR
\fBether proto \\\fRip \fBand host \fIhostnameaddr\fR
.fi
.in -.5i
If \fIhost\fR is a name with multiple IPv4 addresses, each address will
If \fIhostnameaddr\fR is a name with multiple IPv4/v6 addresses, each address will
be checked for a match.
.IP "\fBether dst \fIehost\fP"
True if the Ethernet destination address is \fIehost\fP.
\fIEhost\fP
.IP "\fBether dst \fIethernameaddr\fP"
True if the Ethernet destination address is \fIethernameaddr\fP.
\fIethernameaddr\fP
may be either a name from /etc/ethers or a numerical MAC address of the
form "xx:xx:xx:xx:xx:xx", "xx.xx.xx.xx.xx.xx", "xx-xx-xx-xx-xx-xx",
"xxxx.xxxx.xxxx", "xxxxxxxxxxxx", or various mixes of ':', '.', and '-',
where each "x" is a hex digit (0-9, a-f, or A-F).
.IP "\fBether src \fIehost\fP"
True if the Ethernet source address is \fIehost\fP.
.IP "\fBether host \fIehost\fP"
True if either the Ethernet source or destination address is \fIehost\fP.
.IP "\fBether src \fIethernameaddr\fP"
True if the Ethernet source address is \fIethernameaddr\fP.
.IP "\fBether host \fIethernameaddr\fP"
True if either the Ethernet source or destination address is \fIethernameaddr\fP.
.IP "\fBgateway\fP \fIhost\fP"
True if the packet used \fIhost\fP as a gateway.
I.e., the Ethernet
@@ -195,14 +196,14 @@ host-name-to-Ethernet-address resolution mechanism (/etc/ethers, etc.).
(An equivalent expression is
.in +.5i
.nf
\fBether host \fIehost \fBand not host \fIhost\fR
\fBether host \fIethernameaddr \fBand not host \fIhostnameaddr\fR
.fi
.in -.5i
which can be used with either names or numbers for \fIhost / ehost\fP.)
which can be used with either names or numbers for \fIhostnameaddr / ethernameaddr\fP.)
This syntax does not work in IPv6-enabled configuration at this moment.
.IP "\fBdst net \fInet\fR"
.IP "\fBdst net \fInetnameaddr\fR"
True if the IPv4/v6 destination address of the packet has a network
number of \fInet\fP.
number of \fInetnameaddr\fP.
\fINet\fP may be either a name from the networks database
(/etc/networks, etc.) or a network number.
An IPv4 network number can be written as a dotted quad (e.g., 192.168.1.0),
@@ -213,24 +214,24 @@ triple, 255.255.0.0 for a dotted pair, or 255.0.0.0 for a single number.
An IPv6 network number must be written out fully; the netmask is
ff:ff:ff:ff:ff:ff:ff:ff, so IPv6 "network" matches are really always
host matches, and a network match requires a netmask length.
.IP "\fBsrc net \fInet\fR"
.IP "\fBsrc net \fInetnameaddr\fR"
True if the IPv4/v6 source address of the packet has a network
number of \fInet\fP.
.IP "\fBnet \fInet\fR"
number of \fInetnameaddr\fP.
.IP "\fBnet \fInetnameaddr\fR"
True if either the IPv4/v6 source or destination address of the packet has a network
number of \fInet\fP.
.IP "\fBnet \fInet\fR \fBmask \fInetmask\fR"
True if the IPv4 address matches \fInet\fR with the specific \fInetmask\fR.
number of \fInetnameaddr\fP.
.IP "\fBnet \fInetaddr\fR \fBmask \fInetmask\fR"
True if the IPv4 address matches \fInetaddr\fR with the specific \fInetmask\fR.
May be qualified with \fBsrc\fR or \fBdst\fR.
Note that this syntax is not valid for IPv6 \fInet\fR.
.IP "\fBnet \fInet\fR/\fIlen\fR"
True if the IPv4/v6 address matches \fInet\fR with a netmask \fIlen\fR
Note that this syntax is not valid for IPv6 \fInetaddr\fR.
.IP "\fBnet \fInetaddr\fR/\fIlen\fR"
True if the IPv4/v6 address matches \fInetaddr\fR with a netmask \fIlen\fR
bits wide.
May be qualified with \fBsrc\fR or \fBdst\fR.
.IP "\fBdst port \fIport\fR"
True if the packet is IPv4 TCP, IPv4 UDP, IPv6 TCP or IPv6 UDP and has a
destination port value of \fIport\fP.
The \fIport\fP can be a number or a name used in /etc/services (see
.IP "\fBdst port \fIportnamenum\fR"
True if the packet is IPv4/v6 TCP, UDP or SCTP and has a
destination port value of \fIportnamenum\fP.
The \fIportnamenum\fP can be a number or a name used in /etc/services (see
.BR tcp (4P)
and
.BR udp (4P)).
@@ -238,37 +239,37 @@ If a name is used, both the port
number and protocol are checked.
If a number or ambiguous name is used,
only the port number is checked (e.g., `\fBdst port\fR 513' will print both
tcp/login traffic and udp/who traffic, and `\fBport domain\fR' will print
tcp/login traffic and udp/who traffic, and `\fBport\fR domain' will print
both tcp/domain and udp/domain traffic).
.IP "\fBsrc port \fIport\fR"
True if the packet has a source port value of \fIport\fP.
.IP "\fBport \fIport\fR"
True if either the source or destination port of the packet is \fIport\fP.
.IP "\fBdst portrange \fIport1-port2\fR"
True if the packet is IPv4 TCP, IPv4 UDP, IPv6 TCP or IPv6 UDP and has a
destination port value between \fIport1\fP and \fIport2\fP (both inclusive).
.I port1
.IP "\fBsrc port \fIportnamenum\fR"
True if the packet has a source port value of \fIportnamenum\fP.
.IP "\fBport \fIportnamenum\fR"
True if either the source or destination port of the packet is \fIportnamenum\fP.
.IP "\fBdst portrange \fIportnamenum1-portnamenum2\fR"
True if the packet is IPv4/v6 TCP, UDP or SCTP and has a
destination port value between \fIportnamenum1\fP and \fIportnamenum2\fP (both inclusive).
.I portnamenum1
and
.I port2
.I portnamenum2
are interpreted in the same fashion as the
.I port
.I portnamenum
parameter for
.BR port .
.IP "\fBsrc portrange \fIport1-port2\fR"
True if the packet has a source port value between \fIport1\fP and
\fIport2\fP (both inclusive).
.IP "\fBportrange \fIport1-port2\fR"
.IP "\fBsrc portrange \fIportnamenum1-portnamenum2\fR"
True if the packet has a source port value between \fIportnamenum1\fP and
\fIportnamenum2\fP (both inclusive).
.IP "\fBportrange \fIportnamenum1-portnamenum2\fR"
True if either the source or destination port of the packet is between
\fIport1\fP and \fIport2\fP (both inclusive).
\fIportnamenum1\fP and \fIportnamenum2\fP (both inclusive).
.IP
Any of the above port or port range expressions can be prepended with
the keywords, \fBtcp\fP or \fBudp\fP, as in:
the keywords, \fBtcp\fP, \fBudp\fP or \fBsctp\fP, as in:
.in +.5i
.nf
\fBtcp src port \fIport\fR
\fBtcp src port \fIportnamenum\fR
.fi
.in -.5i
which matches only TCP packets whose source port is \fIport\fP.
which matches only TCP packets whose source port is \fIportnamenum\fP.
.IP "\fBless \fIlength\fR"
True if the packet has a length less than or equal to \fIlength\fP.
This is equivalent to:
@@ -289,24 +290,59 @@ This is equivalent to:
True if the packet is an IPv4 packet (see
.BR ip (4P))
of protocol type \fIprotocol\fP.
\fIProtocol\fP can be a number or one of the names
\fBicmp\fP, \fBicmp6\fP, \fBigmp\fP, \fBigrp\fP, \fBpim\fP, \fBah\fP,
\fBesp\fP, \fBvrrp\fP, \fBudp\fP, or \fBtcp\fP.
Note that the identifiers \fBtcp\fP, \fBudp\fP, and \fBicmp\fP are also
keywords and must be escaped via backslash (\\).
\fIProtocol\fP can be a number or one of the names recognized by
.BR getprotobyname (3)
(as in e.g. `\fBgetent\fR(1) protocols'), typically from an entry in
.IR \%/etc/protocols ,
for example:
.BR ah ,
.BR esp ,
.B eigrp
(only in Linux, FreeBSD, NetBSD, DragonFly BSD, and macOS),
.BR icmp ,
.BR igmp ,
.B igrp
(only in OpenBSD),
.BR pim ,
.BR sctp ,
.BR tcp ,
.B udp
or
.BR vrrp .
Note that most of these example identifiers
are also keywords and must be escaped via backslash (\\).
Note that this primitive does not chase the protocol header chain.
.IP "\fBicmp\fR"
Abbreviation for:
.in +.5i
.nf
\fBip proto\fR 1
.fi
.in -.5i
.IP "\fBip6 proto \fIprotocol\fR"
True if the packet is an IPv6 packet of protocol type \fIprotocol\fP.
(See `\fBip proto\fP' above for the meaning of \fIprotocol\fR.)
Note that the IPv6 variant of ICMP uses a different protocol number, named
.B \%ipv6-icmp
in AIX, FreeBSD, illumos, Linux, macOS, NetBSD, OpenBSD, Solaris and Windows.
Note that this primitive does not chase the protocol header chain.
.IP "\fBicmp6\fR"
Abbreviation for:
.in +.5i
.nf
\fBip6 proto\fR 58
.fi
.in -.5i
.IP "\fBproto \fIprotocol\fR"
True if the packet is an IPv4 or IPv6 packet of protocol type
\fIprotocol\fP. Note that this primitive does not chase the protocol
\fIprotocol\fP. (See `\fBip proto\fP' above for the meaning of
\fIprotocol\fP.) Note that this primitive does not chase the protocol
header chain.
.IP "\fBtcp\fR, \fBudp\fR, \fBicmp\fR"
.IP "\fBah\fR, \fBesp\fR, \fBpim\fR, \fBsctp\fR, \fBtcp\fR, \fBudp\fR"
Abbreviations for:
.in +.5i
.nf
\fBproto \\\fIprotocol\fR\fB
\fBproto \\\fIprotocol\fR
.fi
.in -.5i
where \fIprotocol\fR is one of the above protocols.
@@ -314,6 +350,7 @@ where \fIprotocol\fR is one of the above protocols.
True if the packet is IPv6 packet,
and contains protocol header with type \fIprotocol\fR
in its protocol header chain.
(See `\fBip proto\fP' above for the meaning of \fIprotocol\fP.)
For example,
.in +.5i
.nf
@@ -330,9 +367,11 @@ filter engines in the kernel, so this can be somewhat slow, and may
cause more packets to be dropped.
.IP "\fBip protochain \fIprotocol\fR"
Equivalent to \fBip6 protochain \fIprotocol\fR, but this is for IPv4.
(See `\fBip proto\fP' above for the meaning of \fIprotocol\fP.)
.IP "\fBprotochain \fIprotocol\fR"
True if the packet is an IPv4 or IPv6 packet of protocol type
\fIprotocol\fP. Note that this primitive chases the protocol
\fIprotocol\fP. (See `\fBip proto\fP' above for the meaning of
\fIprotocol\fP.) Note that this primitive chases the protocol
header chain.
.IP "\fBether broadcast\fR"
True if the packet is an Ethernet broadcast packet.
@@ -434,19 +473,19 @@ where \fIprotocol\fR is one of the above protocols.
Note that not all applications using
.BR pcap (3PCAP)
currently know how to parse these protocols.
.IP "\fBdecnet src \fIhost\fR"
.IP "\fBdecnet src \fIdecnetaddr\fR"
True if the DECnet source address is
.IR host ,
.IR decnetaddr ,
which may be an address of the form ``10.123'', or a DECnet host
name.
[DECnet host name support is only available on ULTRIX systems
that are configured to run DECnet.]
.IP "\fBdecnet dst \fIhost\fR"
.IP "\fBdecnet dst \fIdecnetaddr\fR"
True if the DECnet destination address is
.IR host .
.IP "\fBdecnet host \fIhost\fR"
.IR decnetaddr .
.IP "\fBdecnet host \fIdecnetaddr\fR"
True if either the DECnet source or destination address is
.IR host .
.IR decnetaddr .
.IP \fBllc\fP
True if the packet has an 802.2 LLC header. This includes:
.IP
@@ -535,11 +574,11 @@ modifier.
.IP "\fBreason \fIcode\fR"
True if the packet was logged with the specified PF reason code. The known
codes are:
.BR match ,
.BR bad-offset ,
.BR fragment ,
.BR short ,
.BR normalize ,
.BR \%match ,
.BR \%bad-offset ,
.BR \%fragment ,
.BR \%short ,
.BR \%normalize ,
and
.B memory
(applies only to packets logged by OpenBSD's or FreeBSD's
@@ -639,27 +678,28 @@ then valid \fIwlan_subtype\fRs are:
.IP
If the specified \fIwlan_type\fR is \fBdata\fP,
then valid \fIwlan_subtype\fRs are:
\fBdata\fP,
\fBdata-cf-ack\fP,
\fBdata-cf-poll\fP,
\fBdata-cf-ack-poll\fP,
\fBnull\fP,
\fBcf-ack\fP,
\fBcf-poll\fP,
\fBcf-ack-poll\fP,
\fBqos-data\fP,
\fBqos-data-cf-ack\fP,
\fBqos-data-cf-poll\fP,
\fBqos-data-cf-ack-poll\fP,
\fBqos\fP,
\fBqos-cf-poll\fP and
\fBqos-cf-ack-poll\fP.
.BR \%data ,
.BR \%data-cf-ack ,
.BR \%data-cf-poll ,
.BR \%data-cf-ack-poll ,
.BR \%null ,
.BR \%cf-ack ,
.BR \%cf-poll ,
.BR \%cf-ack-poll ,
.BR \%qos-data ,
.BR \%qos-data-cf-ack ,
.BR \%qos-data-cf-poll ,
.BR \%qos-data-cf-ack-poll ,
.BR \%qos ,
.B \%qos-cf-poll
and
.BR \%qos-cf-ack-poll .
.IP "\fBsubtype \fIwlan_subtype\fR"
True if the IEEE 802.11 frame subtype matches the specified \fIwlan_subtype\fR
and frame has the type to which the specified \fIwlan_subtype\fR belongs.
.IP "\fBdir \fIdir\fR"
.IP "\fBdir \fIdirection\fR"
True if the IEEE 802.11 frame direction matches the specified
.IR dir .
.IR direction .
Valid directions are:
.BR nods ,
.BR tods ,
@@ -815,30 +855,98 @@ Connect Ack, Release, or Release Done message.
True if the packet is an ATM packet, for SunATM on Solaris, and is
on a meta signaling circuit and is a Q.2931 Setup, Call Proceeding, Connect,
Release, or Release Done message.
.IP "\fIexpr relop expr\fR"
True if the relation holds, where \fIrelop\fR is one of >, <, >=, <=, =,
!=, and \fIexpr\fR is an arithmetic expression composed of integer
constants (expressed in standard C syntax), the normal binary operators
[+, -, *, /, %, &, |, ^, <<, >>], a length operator, and special packet data
.IP "\fIexpr1 relop expr2\fR"
True if the relation holds. \fIRelop\fR is one of
.RB { > ,
.BR < ,
.BR >= ,
.BR <= ,
.BR = ,
.BR == ,
.BR != }
(where
.B =
means the same as
.BR == ).
Each of \fIexpr1\fR and \fIexpr2\fR is an arithmetic expression composed of
integer constants (expressed in standard C syntax), the normal binary operators
.RB { + ,
.BR - ,
.BR * ,
.BR / ,
.BR % ,
.BR & ,
.BR | ,
.BR ^ ,
.BR << ,
.BR >> },
a length operator, and special packet data
accessors. Note that all comparisons are unsigned, so that, for example,
0x80000000 and 0xffffffff are > 0.
.IP
The % and ^ operators are currently only supported for filtering in the
kernel on Linux with 3.7 and later kernels; on all other systems, if
The
.B %
and
.B ^
operators are currently only supported for filtering in the kernel on
particular operating systems (for example: FreeBSD, Linux with 3.7 and later
kernels, NetBSD); on all other systems (for example: AIX, illumos, Solaris,
OpenBSD), if
those operators are used, filtering will be done in user mode, which
will increase the overhead of capturing packets and may cause more
packets to be dropped.
.IP
The length operator, indicated by the keyword \fBlen\fP, gives the
length of the packet.
.IP
To access data inside the packet, use the following syntax:
.in +.5i
.nf
\fIproto\fB [ \fIexpr\fB : \fIsize\fB ]\fR
.fi
.in -.5i
\fIProto\fR is one of \fBether, fddi, tr, wlan, ppp, slip, link,
ip, arp, rarp, tcp, udp, icmp, ip6\fR or \fBradio\fR, and
.I Proto
is one of
.BR arp ,
.BR atalk ,
.BR carp ,
.BR decnet ,
.BR ether ,
.BR fddi ,
.BR icmp ,
.BR icmp6 ,
.BR igmp ,
.BR igrp ,
.BR ip ,
.BR ip6 ,
.BR lat ,
.BR link ,
.BR mopdl ,
.BR moprc ,
.BR pim ,
.BR ppp ,
.BR radio ,
.BR rarp ,
.BR sca ,
.BR sctp ,
.BR slip ,
.BR tcp ,
.BR tr ,
.BR udp ,
.B vrrp
or
.BR wlan ,
and
indicates the protocol layer for the index operation.
(\fBether, fddi, wlan, tr, ppp, slip\fR and \fBlink\fR all refer to the
.RB ( ether ,
.BR fddi ,
.BR link ,
.BR ppp ,
.BR slip ,
.B tr
and
.BR wlan
all refer to the
link layer. \fBradio\fR refers to the "radio header" added to some
802.11 captures.)
Note that \fBtcp\fR, \fBudp\fR and other upper-layer protocol types only
@@ -847,8 +955,6 @@ The byte offset, relative to the indicated protocol layer, is
given by \fIexpr\fR.
\fISize\fR is optional and indicates the number of bytes in the
field of interest; it can be either one, two, or four, and defaults to one.
The length operator, indicated by the keyword \fBlen\fP, gives the
length of the packet.
For example, `\fBether[\fP0\fB] &\fP 1 \fB!=\fP 0' catches all multicast traffic.
The expression `\fBip[\fP0\fB] &\fP 0xf \fB!=\fP 5'
@@ -862,37 +968,62 @@ index operations.
For instance, \fBtcp[\fP0\fB]\fP always means the first
byte of the TCP \fIheader\fP, and never means the first byte of an
intervening fragment.
.IP
Some offsets and field values may be expressed as names rather than
as numeric values.
The following protocol header field offsets are
available: \fBicmptype\fP (ICMP type field), \fBicmp6type\fP (ICMPv6 type field),
\fBicmpcode\fP (ICMP code field), \fBicmp6code\fP (ICMPv6 code field) and
\fBtcpflags\fP (TCP flags field).
The following ICMP type field values are available: \fBicmp-echoreply\fP,
\fBicmp-unreach\fP, \fBicmp-sourcequench\fP, \fBicmp-redirect\fP,
\fBicmp-echo\fP, \fBicmp-routeradvert\fP, \fBicmp-routersolicit\fP,
\fBicmp-timxceed\fP, \fBicmp-paramprob\fP, \fBicmp-tstamp\fP,
\fBicmp-tstampreply\fP, \fBicmp-ireq\fP, \fBicmp-ireqreply\fP,
\fBicmp-maskreq\fP, \fBicmp-maskreply\fP.
The following ICMPv6 type fields are available: \fBicmp6-destinationrunreach\fP,
\fBicmp6-packettoobig\fP, \fBicmp6-timeexceeded\fP,
\fBicmp6-parameterproblem\fP, \fBicmp6-echo\fP,
\fBicmp6-echoreply\fP, \fBicmp6-multicastlistenerquery\fP,
\fBicmp6-multicastlistenerreportv1\fP, \fBicmp6-multicastlistenerdone\fP,
\fBicmp6-routersolicit\fP, \fBicmp6-routeradvert\fP,
\fBicmp6-neighborsolicit\fP, \fBicmp6-neighboradvert\fP, \fBicmp6-redirect\fP,
\fBicmp6-routerrenum\fP, \fBicmp6-nodeinformationquery\fP,
\fBicmp6-nodeinformationresponse\fP, \fBicmp6-ineighbordiscoverysolicit\fP,
\fBicmp6-ineighbordiscoveryadvert\fP, \fBicmp6-multicastlistenerreportv2\fP,
\fBicmp6-homeagentdiscoveryrequest\fP, \fBicmp6-homeagentdiscoveryreply\fP,
\fBicmp6-mobileprefixsolicit\fP, \fBicmp6-mobileprefixadvert\fP,
\fBicmp6-certpathsolicit\fP, \fBicmp6-certpathadvert\fP,
\fBicmp6-multicastrouteradvert\fP, \fBicmp6-multicastroutersolicit\fP,
\fBicmp6-multicastrouterterm\fP.
.IP
The following ICMP type field values are available:
.BR \%icmp-echoreply ,
.BR \%icmp-unreach ,
.BR \%icmp-sourcequench ,
.BR \%icmp-redirect ,
.BR \%icmp-echo ,
.BR \%icmp-routeradvert ,
.BR \%icmp-routersolicit ,
.BR \%icmp-timxceed ,
.BR \%icmp-paramprob ,
.BR \%icmp-tstamp ,
.BR \%icmp-tstampreply ,
.BR \%icmp-ireq ,
.BR \%icmp-ireqreply ,
.BR \%icmp-maskreq ,
.BR \%icmp-maskreply .
.IP
The following ICMPv6 type field values are available:
.BR \%icmp6-destinationunreach ,
.BR \%icmp6-packettoobig ,
.BR \%icmp6-timeexceeded ,
.BR \%icmp6-parameterproblem ,
.BR \%icmp6-echo ,
.BR \%icmp6-echoreply ,
.BR \%icmp6-multicastlistenerquery ,
.BR \%icmp6-multicastlistenerreportv1 ,
.BR \%icmp6-multicastlistenerdone ,
.BR \%icmp6-routersolicit ,
.BR \%icmp6-routeradvert ,
.BR \%icmp6-neighborsolicit ,
.BR \%icmp6-neighboradvert ,
.BR \%icmp6-redirect ,
.BR \%icmp6-routerrenum ,
.BR \%icmp6-nodeinformationquery ,
.BR \%icmp6-nodeinformationresponse ,
.BR \%icmp6-ineighbordiscoverysolicit ,
.BR \%icmp6-ineighbordiscoveryadvert ,
.BR \%icmp6-multicastlistenerreportv2 ,
.BR \%icmp6-homeagentdiscoveryrequest ,
.BR \%icmp6-homeagentdiscoveryreply ,
.BR \%icmp6-mobileprefixsolicit ,
.BR \%icmp6-mobileprefixadvert ,
.BR \%icmp6-certpathsolicit ,
.BR \%icmp6-certpathadvert ,
.BR \%icmp6-multicastrouteradvert ,
.BR \%icmp6-multicastroutersolicit ,
.BR \%icmp6-multicastrouterterm .
.IP
The following TCP flags field values are available: \fBtcp-fin\fP,
\fBtcp-syn\fP, \fBtcp-rst\fP, \fBtcp-push\fP,
\fBtcp-ack\fP, \fBtcp-urg\fP, \fBtcp-ece\fP,
@@ -1033,10 +1164,20 @@ icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply
icmp6[icmp6type] != icmp6-echo and icmp6[icmp6type] != icmp6-echoreply
.fi
.RE
.SH "SEE ALSO"
.SH BACKWARD COMPATIBILITY
The ICMPv6 type code names, as well as the
.B tcp-ece
and
.B tcp-cwr
TCP flag names became available in libpcap 1.9.0.
.PP
The
.B geneve
keyword became available in libpcap 1.8.0.
.SH SEE ALSO
.BR pcap (3PCAP)
.SH BUGS
To report a security issue please send an e-mail to security@tcpdump.org.
To report a security issue please send an e-mail to \%security@tcpdump.org.
.LP
To report bugs and other problems, contribute patches, request a
feature, provide generic feedback etc please see the file

31
libpcap/pcap-haiku.cpp
View File

@@ -47,12 +47,11 @@ prepare_request(struct ifreq& request, const char* name)
static int
pcap_read_haiku(pcap_t* handle, int maxPackets, pcap_handler callback,
pcap_read_haiku(pcap_t* handle, int maxPackets _U_, pcap_handler callback,
u_char* userdata)
{
// Receive a single packet
struct pcap_haiku* handlep = (struct pcap_haiku*)handle->priv;
u_char* buffer = (u_char*)handle->buffer + handle->offset;
struct sockaddr_dl from;
ssize_t bytesReceived;
@@ -160,6 +159,17 @@ pcap_activate_haiku(pcap_t *handle)
handle->getnonblock_op = pcap_getnonblock_fd;
handle->setnonblock_op = pcap_setnonblock_fd;
/*
* Turn a negative snapshot value (invalid), a snapshot value of
* 0 (unspecified), or a value bigger than the normal maximum
* value, into the maximum allowed value.
*
* If some application really *needs* a bigger snapshot
* length, we should just increase MAXIMUM_SNAPLEN.
*/
if (handle->snapshot <= 0 || handle->snapshot > MAXIMUM_SNAPLEN)
handle->snapshot = MAXIMUM_SNAPLEN;
handlep->device = strdup(device);
if (handlep->device == NULL) {
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
@@ -238,7 +248,11 @@ pcap_create_interface(const char *device, char *errorBuffer)
return NULL;
}
pcap_t* handle = PCAP_CREATE_COMMON(errorBuffer, struct pcap_haiku);
struct wrapper_struct { pcap_t __common; struct pcap_haiku __private; };
pcap_t* handle = pcap_create_common(errorBuffer,
sizeof (struct wrapper_struct),
offsetof (struct wrapper_struct, __private));
if (handle == NULL) {
snprintf(errorBuffer, PCAP_ERRBUF_SIZE, "malloc: %s", strerror(errno));
close(socket);
@@ -254,7 +268,7 @@ pcap_create_interface(const char *device, char *errorBuffer)
}
static int
can_be_bound(const char *name)
can_be_bound(const char *name _U_)
{
return 1;
}
@@ -280,3 +294,12 @@ pcap_platform_finddevs(pcap_if_list_t* _allDevices, char* errorBuffer)
return pcap_findalldevs_interfaces(_allDevices, errorBuffer, can_be_bound,
get_if_flags);
}
/*
* Libpcap version string.
*/
extern "C" const char *
pcap_lib_version(void)
{
return (PCAP_VERSION_STRING);
}

22
libpcap/pcap-int.h
View File

@@ -52,6 +52,24 @@
#include "portability.h"
/*
* If we're compiling with Visual Studio, make sure we have at least
* VS 2015 or later, so we have sufficient C99 support.
*
* XXX - verify that we have at least C99 support on UN*Xes?
*
* What about MinGW or various DOS toolchains? We're currently assuming
* sufficient C99 support there.
*/
#if defined(_MSC_VER)
/*
* Compiler is MSVC. Make sure we have VS 2015 or later.
*/
#if _MSC_VER < 1900
#error "Building libpcap requires VS 2015 or later"
#endif
#endif
/*
* Version string.
* Uses PACKAGE_VERSION from config.h.
@@ -467,7 +485,7 @@ pcap_t *pcap_create_interface(const char *, char *);
/*
* This wrapper takes an error buffer pointer and a type to use for the
* private data, and calls pcap_create_common(), passing it the error
* buffer pointer, the size fo the private data type, in bytes, and the
* buffer pointer, the size for the private data type, in bytes, and the
* offset of the private data from the beginning of the structure, in
* bytes.
*/
@@ -551,7 +569,7 @@ int add_addr_to_if(pcap_if_list_t *, const char *, bpf_u_int32,
/*
* This wrapper takes an error buffer pointer and a type to use for the
* private data, and calls pcap_create_common(), passing it the error
* buffer pointer, the size fo the private data type, in bytes, and the
* buffer pointer, the size for the private data type, in bytes, and the
* offset of the private data from the beginning of the structure, in
* bytes.
*/

46
libpcap/pcap-libdlpi.c
View File

@@ -108,15 +108,24 @@ pcap_activate_libdlpi(pcap_t *p)
*/
retv = dlpi_open(p->opt.device, &dh, DLPI_RAW|DLPI_PASSIVE);
if (retv != DLPI_SUCCESS) {
if (retv == DLPI_ELINKNAMEINVAL || retv == DLPI_ENOLINK)
if (retv == DLPI_ELINKNAMEINVAL || retv == DLPI_ENOLINK) {
/*
* There's nothing more to say, so clear the
* error message.
*/
status = PCAP_ERROR_NO_SUCH_DEVICE;
else if (retv == DL_SYSERR &&
(errno == EPERM || errno == EACCES))
p->errbuf[0] = '\0';
} else if (retv == DL_SYSERR &&
(errno == EPERM || errno == EACCES)) {
status = PCAP_ERROR_PERM_DENIED;
else
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open DLPI device failed with %s - root privilege may be required",
(errno == EPERM) ? "EPERM" : "EACCES");
} else {
status = PCAP_ERROR;
pcap_libdlpi_err(p->opt.device, "dlpi_open", retv,
p->errbuf);
pcap_libdlpi_err(p->opt.device, "dlpi_open", retv,
p->errbuf);
}
return (status);
}
pd->dlpi_hd = dh;
@@ -265,12 +274,25 @@ dlpromiscon(pcap_t *p, bpf_u_int32 level)
retv = dlpi_promiscon(pd->dlpi_hd, level);
if (retv != DLPI_SUCCESS) {
if (retv == DL_SYSERR &&
(errno == EPERM || errno == EACCES))
err = PCAP_ERROR_PERM_DENIED;
else
(errno == EPERM || errno == EACCES)) {
if (level == DL_PROMISC_PHYS) {
err = PCAP_ERROR_PROMISC_PERM_DENIED;
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to set promiscuous mode failed with %s - root privilege may be required",
(errno == EPERM) ? "EPERM" : "EACCES");
} else {
err = PCAP_ERROR_PERM_DENIED;
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to set %s mode failed with %s - root privilege may be required",
(level == DL_PROMISC_MULTI) ? "multicast" : "SAP promiscuous",
(errno == EPERM) ? "EPERM" : "EACCES");
}
} else {
err = PCAP_ERROR;
pcap_libdlpi_err(p->opt.device, "dlpi_promiscon" STRINGIFY(level),
retv, p->errbuf);
pcap_libdlpi_err(p->opt.device,
"dlpi_promiscon" STRINGIFY(level),
retv, p->errbuf);
}
return (err);
}
return (0);
@@ -322,7 +344,7 @@ pcap_platform_finddevs(pcap_if_list_t *devlistp, char *errbuf)
linknamelist_t *entry, *next;
linkwalk_t lw = {NULL, 0};
int save_errno;
int save_errno;
/*
* Get the list of regular interfaces first.

434
libpcap/pcap-linux.c
View File

@@ -2,7 +2,7 @@
* pcap-linux.c: Packet capture interface to the Linux kernel
*
* Copyright (c) 2000 Torsten Landschoff <torsten@debian.org>
* Sebastian Krahmer <krahmer@cs.uni-potsdam.de>
* Sebastian Krahmer <krahmer@cs.uni-potsdam.de>
*
* License: BSD
*
@@ -100,6 +100,7 @@
#include "pcap-int.h"
#include "pcap/sll.h"
#include "pcap/vlan.h"
#include "pcap/can_socketcan.h"
#include "diag-control.h"
@@ -222,7 +223,7 @@ static int get_if_flags(const char *, bpf_u_int32 *, char *);
static int is_wifi(const char *);
static void map_arphrd_to_dlt(pcap_t *, int, const char *, int);
static int pcap_activate_linux(pcap_t *);
static int activate_pf_packet(pcap_t *, int);
static int setup_socket(pcap_t *, int);
static int setup_mmapped(pcap_t *, int *);
static int pcap_can_set_rfmon_linux(pcap_t *);
static int pcap_inject_linux(pcap_t *, const void *, int);
@@ -314,14 +315,12 @@ static const struct timeval netdown_timeout = {
*/
static int iface_get_id(int fd, const char *device, char *ebuf);
static int iface_get_mtu(int fd, const char *device, char *ebuf);
static int iface_get_arptype(int fd, const char *device, char *ebuf);
static int iface_bind(int fd, int ifindex, char *ebuf, int protocol);
static int iface_get_arptype(int fd, const char *device, char *ebuf);
static int iface_bind(int fd, int ifindex, char *ebuf, int protocol);
static int enter_rfmon_mode(pcap_t *handle, int sock_fd,
const char *device);
#if defined(HAVE_LINUX_NET_TSTAMP_H) && defined(PACKET_TIMESTAMP)
static int iface_ethtool_get_ts_info(const char *device, pcap_t *handle,
static int iface_get_ts_types(const char *device, pcap_t *handle,
char *ebuf);
#endif
static int iface_get_offload(pcap_t *handle);
static int fix_program(pcap_t *handle, struct sock_fprog *fcode);
@@ -348,15 +347,13 @@ pcap_create_interface(const char *device, char *ebuf)
handle->activate_op = pcap_activate_linux;
handle->can_set_rfmon_op = pcap_can_set_rfmon_linux;
#if defined(HAVE_LINUX_NET_TSTAMP_H) && defined(PACKET_TIMESTAMP)
/*
* See what time stamp types we support.
*/
if (iface_ethtool_get_ts_info(device, handle, ebuf) == -1) {
if (iface_get_ts_types(device, handle, ebuf) == -1) {
pcap_close(handle);
return NULL;
}
#endif
/*
* We claim that we support microsecond and nanosecond time
@@ -845,7 +842,10 @@ static void pcap_cleanup_linux( pcap_t *handle )
handlep->device = NULL;
}
close(handlep->poll_breakloop_fd);
if (handlep->poll_breakloop_fd != -1) {
close(handlep->poll_breakloop_fd);
handlep->poll_breakloop_fd = -1;
}
pcap_cleanup_live_common(handle);
}
@@ -944,7 +944,41 @@ static void pcap_breakloop_linux(pcap_t *handle)
uint64_t value = 1;
/* XXX - what if this fails? */
(void)write(handlep->poll_breakloop_fd, &value, sizeof(value));
if (handlep->poll_breakloop_fd != -1)
(void)write(handlep->poll_breakloop_fd, &value, sizeof(value));
}
/*
* Set the offset at which to insert VLAN tags.
* That should be the offset of the type field.
*/
static void
set_vlan_offset(pcap_t *handle)
{
struct pcap_linux *handlep = handle->priv;
switch (handle->linktype) {
case DLT_EN10MB:
/*
* The type field is after the destination and source
* MAC address.
*/
handlep->vlan_offset = 2 * ETH_ALEN;
break;
case DLT_LINUX_SLL:
/*
* The type field is in the last 2 bytes of the
* DLT_LINUX_SLL header.
*/
handlep->vlan_offset = SLL_HDR_LEN - 2;
break;
default:
handlep->vlan_offset = -1; /* unknown */
break;
}
}
/*
@@ -980,6 +1014,11 @@ pcap_activate_linux(pcap_t *handle)
* we'll be copying it, that won't fit.
*/
if (strlen(device) >= sizeof(ifr.ifr_name)) {
/*
* There's nothing more to say, so clear the error
* message.
*/
handle->errbuf[0] = '\0';
status = PCAP_ERROR_NO_SUCH_DEVICE;
goto fail;
}
@@ -1035,7 +1074,7 @@ pcap_activate_linux(pcap_t *handle)
* If the "any" device is specified, try to open a SOCK_DGRAM.
* Otherwise, open a SOCK_RAW.
*/
ret = activate_pf_packet(handle, is_any_device);
ret = setup_socket(handle, is_any_device);
if (ret < 0) {
/*
* Fatal error; the return value is the error code,
@@ -1111,6 +1150,13 @@ static int
pcap_set_datalink_linux(pcap_t *handle, int dlt)
{
handle->linktype = dlt;
/*
* Update the offset at which to insert VLAN tags for the
* new link-layer type.
*/
set_vlan_offset(handle);
return 0;
}
@@ -1144,9 +1190,12 @@ linux_check_direction(const pcap_t *handle, const struct sockaddr_ll *sll)
* easily distinguish packets looped back by the CAN
* layer than those received by the CAN layer, so we
* eliminate this packet instead.
*
* We check whether this is a CAN or CAN FD frame
* by checking whether the device's hardware type
* is ARPHRD_CAN.
*/
if ((sll->sll_protocol == LINUX_SLL_P_CAN ||
sll->sll_protocol == LINUX_SLL_P_CANFD) &&
if (sll->sll_hatype == ARPHRD_CAN &&
handle->direction != PCAP_D_OUT)
return 0;
@@ -1440,7 +1489,7 @@ get_if_ioctl_socket(void)
* capture on them, "why do no interfaces show up?" - when the
* real problem is a permissions problem. Error reports of that
* type require a lot more back-and-forth to debug, as evidenced
* by many Wireshark bugs/mailing list questions/Q&A questoins.)
* by many Wireshark bugs/mailing list questions/Q&A questions.)
*
* So:
*
@@ -1612,8 +1661,8 @@ get_if_flags(const char *name, bpf_u_int32 *flags, char *errbuf)
}
}
fclose(fh);
free(pathstr);
}
free(pathstr);
}
#ifdef ETHTOOL_GLINK
@@ -1815,7 +1864,7 @@ static void map_arphrd_to_dlt(pcap_t *handle, int arptype,
* XXX - are there any other sorts of "fake Ethernet" that
* have ARPHRD_ETHER but that shouldn't offer DLT_DOCSIS as
* a Cisco CMTS won't put traffic onto it or get traffic
* bridged onto it? ISDN is handled in "activate_pf_packet()",
* bridged onto it? ISDN is handled in "setup_socket()",
* as we fall back on cooked mode there, and we use
* is_wifi() to check for 802.11 devices; are there any
* others?
@@ -1882,14 +1931,7 @@ static void map_arphrd_to_dlt(pcap_t *handle, int arptype,
#define ARPHRD_CAN 280
#endif
case ARPHRD_CAN:
/*
* Map this to DLT_LINUX_SLL; that way, CAN frames will
* have ETH_P_CAN/LINUX_SLL_P_CAN as the protocol and
* CAN FD frames will have ETH_P_CANFD/LINUX_SLL_P_CANFD
* as the protocol, so they can be distinguished by the
* protocol in the SLL header.
*/
handle->linktype = DLT_LINUX_SLL;
handle->linktype = DLT_CAN_SOCKETCAN;
break;
#ifndef ARPHRD_IEEE802_TR
@@ -2171,7 +2213,7 @@ static void map_arphrd_to_dlt(pcap_t *handle, int arptype,
/* We need to save packet direction for IrDA decoding,
* so let's use "Linux-cooked" mode. Jean II
*
* XXX - this is handled in activate_pf_packet(). */
* XXX - this is handled in setup_socket(). */
/* handlep->cooked = 1; */
break;
@@ -2213,7 +2255,7 @@ static void map_arphrd_to_dlt(pcap_t *handle, int arptype,
* pick up the netlink protocol type such as NETLINK_ROUTE,
* NETLINK_GENERIC, NETLINK_FIB_LOOKUP, etc.
*
* XXX - this is handled in activate_pf_packet().
* XXX - this is handled in setup_socket().
*/
/* handlep->cooked = 1; */
break;
@@ -2231,59 +2273,36 @@ static void map_arphrd_to_dlt(pcap_t *handle, int arptype,
}
}
#ifdef PACKET_RESERVE
static void
set_dlt_list_cooked(pcap_t *handle, int sock_fd)
set_dlt_list_cooked(pcap_t *handle)
{
socklen_t len;
unsigned int tp_reserve;
/*
* Support both DLT_LINUX_SLL and DLT_LINUX_SLL2.
*/
handle->dlt_list = (u_int *) malloc(sizeof(u_int) * 2);
/*
* If we can't do PACKET_RESERVE, we can't reserve extra space
* for a DLL_LINUX_SLL2 header, so we can't support DLT_LINUX_SLL2.
* If that failed, just leave the list empty.
*/
len = sizeof(tp_reserve);
if (getsockopt(sock_fd, SOL_PACKET, PACKET_RESERVE, &tp_reserve,
&len) == 0) {
/*
* Yes, we can do DLL_LINUX_SLL2.
*/
handle->dlt_list = (u_int *) malloc(sizeof(u_int) * 2);
/*
* If that fails, just leave the list empty.
*/
if (handle->dlt_list != NULL) {
handle->dlt_list[0] = DLT_LINUX_SLL;
handle->dlt_list[1] = DLT_LINUX_SLL2;
handle->dlt_count = 2;
}
if (handle->dlt_list != NULL) {
handle->dlt_list[0] = DLT_LINUX_SLL;
handle->dlt_list[1] = DLT_LINUX_SLL2;
handle->dlt_count = 2;
}
}
#else/* PACKET_RESERVE */
/*
* The build environment doesn't define PACKET_RESERVE, so we can't reserve
* extra space for a DLL_LINUX_SLL2 header, so we can't support DLT_LINUX_SLL2.
*/
static void
set_dlt_list_cooked(pcap_t *handle _U_, int sock_fd _U_)
{
}
#endif /* PACKET_RESERVE */
/*
* Try to set up a PF_PACKET socket.
* Returns 0 on success and a PCAP_ERROR_ value on failure.
*/
static int
activate_pf_packet(pcap_t *handle, int is_any_device)
setup_socket(pcap_t *handle, int is_any_device)
{
struct pcap_linux *handlep = handle->priv;
const char *device = handle->opt.device;
int status = 0;
int sock_fd, arptype;
#ifdef HAVE_PACKET_AUXDATA
int val;
#endif
int err = 0;
struct packet_mreq mr;
#if defined(SO_BPF_EXTENSIONS) && defined(SKF_AD_VLAN_TAG_PRESENT)
@@ -2312,6 +2331,8 @@ activate_pf_packet(pcap_t *handle, int is_any_device)
* socket.
*/
status = PCAP_ERROR_PERM_DENIED;
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to create packet socket failed - CAP_NET_RAW may be required");
} else {
/*
* Other error.
@@ -2439,7 +2460,7 @@ activate_pf_packet(pcap_t *handle, int is_any_device)
free(handle->dlt_list);
handle->dlt_list = NULL;
handle->dlt_count = 0;
set_dlt_list_cooked(handle, sock_fd);
set_dlt_list_cooked(handle);
}
if (handle->linktype == -1) {
@@ -2505,7 +2526,7 @@ activate_pf_packet(pcap_t *handle, int is_any_device)
handle->linktype = DLT_LINUX_SLL;
handle->dlt_list = NULL;
handle->dlt_count = 0;
set_dlt_list_cooked(handle, sock_fd);
set_dlt_list_cooked(handle);
/*
* We're not bound to a device.
@@ -2552,9 +2573,15 @@ activate_pf_packet(pcap_t *handle, int is_any_device)
}
}
/* Enable auxiliary data if supported and reserve room for
* reconstructing VLAN headers. */
#ifdef HAVE_PACKET_AUXDATA
/*
* Enable auxiliary data and reserve room for reconstructing
* VLAN headers.
*
* XXX - is enabling auxiliary data necessary, now that we
* only support memory-mapped capture? The kernel's memory-mapped
* capture code doesn't seem to check whether auxiliary data
* is enabled, it seems to provide it whether it is or not.
*/
val = 1;
if (setsockopt(sock_fd, SOL_PACKET, PACKET_AUXDATA, &val,
sizeof(val)) == -1 && errno != ENOPROTOOPT) {
@@ -2564,7 +2591,6 @@ activate_pf_packet(pcap_t *handle, int is_any_device)
return PCAP_ERROR;
}
handle->offset += VLAN_TAG_LEN;
#endif /* HAVE_PACKET_AUXDATA */
/*
* If we're in cooked mode, make the snapshot length
@@ -2584,30 +2610,8 @@ activate_pf_packet(pcap_t *handle, int is_any_device)
/*
* Set the offset at which to insert VLAN tags.
* That should be the offset of the type field.
*/
switch (handle->linktype) {
case DLT_EN10MB:
/*
* The type field is after the destination and source
* MAC address.
*/
handlep->vlan_offset = 2 * ETH_ALEN;
break;
case DLT_LINUX_SLL:
/*
* The type field is in the last 2 bytes of the
* DLT_LINUX_SLL header.
*/
handlep->vlan_offset = SLL_HDR_LEN - 2;
break;
default:
handlep->vlan_offset = -1; /* unknown */
break;
}
set_vlan_offset(handle);
if (handle->opt.tstamp_precision == PCAP_TSTAMP_PRECISION_NANO) {
int nsec_tstamps = 1;
@@ -2678,6 +2682,7 @@ setup_mmapped(pcap_t *handle, int *status)
ret = prepare_tpacket_socket(handle);
if (ret == -1) {
free(handlep->oneshot_buffer);
handlep->oneshot_buffer = NULL;
*status = PCAP_ERROR;
return ret;
}
@@ -2688,6 +2693,7 @@ setup_mmapped(pcap_t *handle, int *status)
* fail. create_ring() has set *status.
*/
free(handlep->oneshot_buffer);
handlep->oneshot_buffer = NULL;
return -1;
}
@@ -2889,40 +2895,30 @@ create_ring(pcap_t *handle, int *status)
tp_reserve = VLAN_TAG_LEN;
/*
* If we're using DLT_LINUX_SLL2, reserve space for a
* DLT_LINUX_SLL2 header.
* If we're capturing in cooked mode, reserve space for
* a DLT_LINUX_SLL2 header; we don't know yet whether
* we'll be using DLT_LINUX_SLL or DLT_LINUX_SLL2, as
* that can be changed on an open device, so we reserve
* space for the larger of the two.
*
* XXX - we assume that the kernel is still adding
* 16 bytes of extra space; that happens to
* correspond to SLL_HDR_LEN (whether intentionally
* or not - the kernel code has a raw "16" in
* the expression), so we subtract SLL_HDR_LEN
* from SLL2_HDR_LEN to get the additional space
* needed. That also means we don't bother reserving
* any additional space if we're using DLT_LINUX_SLL.
* 16 bytes of extra space, so we subtract 16 from
* SLL2_HDR_LEN to get the additional space needed.
* (Are they doing that for DLT_LINUX_SLL, the link-
* layer header for which is 16 bytes?)
*
* XXX - should we use TPACKET_ALIGN(SLL2_HDR_LEN - SLL_HDR_LEN)?
* XXX - should we use TPACKET_ALIGN(SLL2_HDR_LEN - 16)?
*/
if (handle->linktype == DLT_LINUX_SLL2)
tp_reserve += SLL2_HDR_LEN - SLL_HDR_LEN;
if (handlep->cooked)
tp_reserve += SLL2_HDR_LEN - 16;
/*
* Try to request that amount of reserve space.
* This must be done before creating the ring buffer.
* If PACKET_RESERVE is supported, creating the ring
* buffer should be, although if creating the ring
* buffer fails, the PACKET_RESERVE call has no effect,
* so falling back on read-from-the-socket capturing
* won't be affected.
*/
len = sizeof(tp_reserve);
if (setsockopt(handle->fd, SOL_PACKET, PACKET_RESERVE,
&tp_reserve, len) < 0) {
/*
* We treat ENOPROTOOPT as an error, as we
* already determined that we support
* TPACKET_V2 and later; see above.
*/
pcap_fmt_errmsg_for_errno(handle->errbuf,
PCAP_ERRBUF_SIZE, errno,
"setsockopt (PACKET_RESERVE)");
@@ -3118,6 +3114,9 @@ create_ring(pcap_t *handle, int *status)
pcap_strlcpy(ifr.ifr_name, handle->opt.device, sizeof(ifr.ifr_name));
ifr.ifr_data = (void *)&hwconfig;
/*
* This may require CAP_NET_ADMIN.
*/
if (ioctl(handle->fd, SIOCSHWTSTAMP, &ifr) < 0) {
switch (errno) {
@@ -3130,6 +3129,8 @@ create_ring(pcap_t *handle, int *status)
* try requesting hardware time stamps.
*/
*status = PCAP_ERROR_PERM_DENIED;
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to set hardware timestamp failed - CAP_NET_ADMIN may be required");
return -1;
case EOPNOTSUPP:
@@ -3378,7 +3379,23 @@ pcap_setnonblock_linux(pcap_t *handle, int nonblock)
*/
handlep->timeout = ~handlep->timeout;
}
if (handlep->poll_breakloop_fd != -1) {
/* Close the eventfd; we do not need it in nonblock mode. */
close(handlep->poll_breakloop_fd);
handlep->poll_breakloop_fd = -1;
}
} else {
if (handlep->poll_breakloop_fd == -1) {
/* If we did not have an eventfd, open one now that we are blocking. */
if ( ( handlep->poll_breakloop_fd = eventfd(0, EFD_NONBLOCK) ) == -1 ) {
int save_errno = errno;
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
"Could not open eventfd: %s",
strerror(errno));
errno = save_errno;
return -1;
}
}
if (handlep->timeout < 0) {
handlep->timeout = ~handlep->timeout;
}
@@ -3422,10 +3439,24 @@ static int pcap_wait_for_frames_mmap(pcap_t *handle)
struct ifreq ifr;
int ret;
struct pollfd pollinfo[2];
int numpollinfo;
pollinfo[0].fd = handle->fd;
pollinfo[0].events = POLLIN;
pollinfo[1].fd = handlep->poll_breakloop_fd;
pollinfo[1].events = POLLIN;
if ( handlep->poll_breakloop_fd == -1 ) {
numpollinfo = 1;
pollinfo[1].revents = 0;
/*
* We set pollinfo[1].revents to zero, even though
* numpollinfo = 1 meaning that poll() doesn't see
* pollinfo[1], so that we do not have to add a
* conditional of numpollinfo > 1 below when we
* test pollinfo[1].revents.
*/
} else {
pollinfo[1].fd = handlep->poll_breakloop_fd;
pollinfo[1].events = POLLIN;
numpollinfo = 2;
}
/*
* Keep polling until we either get some packets to read, see
@@ -3467,7 +3498,7 @@ static int pcap_wait_for_frames_mmap(pcap_t *handle)
* don't need to poll.
*/
for (;;) {
/*
/*
* Yes, we do this even in non-blocking mode, as it's
* the only way to get error indications from a
* tpacket socket.
@@ -3490,7 +3521,7 @@ static int pcap_wait_for_frames_mmap(pcap_t *handle)
if (timeout != 0)
timeout = 1;
}
ret = poll(pollinfo, 2, timeout);
ret = poll(pollinfo, numpollinfo, timeout);
if (ret < 0) {
/*
* Error. If it's not EINTR, report it.
@@ -3772,6 +3803,7 @@ static int pcap_handle_packet_mmap(
unsigned char *bp;
struct sockaddr_ll *sll;
struct pcap_pkthdr pcaphdr;
pcap_can_socketcan_hdr *canhdr;
unsigned int snaplen = tp_snaplen;
struct utsname utsname;
@@ -3890,6 +3922,68 @@ static int pcap_handle_packet_mmap(
snaplen += sizeof(struct sll_header);
}
} else {
/*
* If this is a packet from a CAN device, so that
* sll->sll_hatype is ARPHRD_CAN, then, as we're
* not capturing in cooked mode, its link-layer
* type is DLT_CAN_SOCKETCAN. Fix up the header
* provided by the code below us to match what
* DLT_CAN_SOCKETCAN is expected to provide.
*/
if (sll->sll_hatype == ARPHRD_CAN) {
/*
* DLT_CAN_SOCKETCAN is specified as having the
* CAN ID and flags in network byte order, but
* capturing on a CAN device provides it in host
* byte order. Convert it to network byte order.
*/
canhdr = (pcap_can_socketcan_hdr *)bp;
canhdr->can_id = htonl(canhdr->can_id);
/*
* In addition, set the CANFD_FDF flag if
* the protocol is LINUX_SLL_P_CANFD, as
* the protocol field itself isn't in
* the packet to indicate that it's a
* CAN FD packet.
*/
uint16_t protocol = ntohs(sll->sll_protocol);
if (protocol == LINUX_SLL_P_CANFD) {
canhdr->fd_flags |= CANFD_FDF;
/*
* Zero out all the unknown bits in
* fd_flags and clear the reserved
* fields, so that a program reading
* this can assume that CANFD_FDF
* is set because we set it, not
* because some uninitialized crap
* was provided in the fd_flags
* field.
*
* (At least some LINKTYPE_CAN_SOCKETCAN
* files attached to Wireshark bugs
* had uninitialized junk there, so it
* does happen.)
*
* Update this if Linux adds more flag
* bits to the fd_flags field or uses
* either of the reserved fields for
* FD frames.
*/
canhdr->fd_flags &= ~(CANFD_FDF|CANFD_ESI|CANFD_BRS);
canhdr->reserved1 = 0;
canhdr->reserved2 = 0;
} else {
/*
* Clear CANFD_FDF if it's set (probably
* again meaning that this field is
* uninitialized junk).
*/
canhdr->fd_flags &= ~CANFD_FDF;
}
}
}
if (handlep->filter_in_userland && handle->fcode.bf_insns) {
@@ -4002,9 +4096,22 @@ pcap_read_linux_mmap_v2(pcap_t *handle, int max_packets, pcap_handler callback,
}
}
/* non-positive values of max_packets are used to require all
* packets currently available in the ring */
while ((pkts < max_packets) || PACKET_COUNT_IS_UNLIMITED(max_packets)) {
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(max_packets))
max_packets = INT_MAX;
while (pkts < max_packets) {
/*
* Get the current ring buffer frame, and break if
* it's still owned by the kernel.
@@ -4097,9 +4204,22 @@ again:
return pkts;
}
/* non-positive values of max_packets are used to require all
* packets currently available in the ring */
while ((pkts < max_packets) || PACKET_COUNT_IS_UNLIMITED(max_packets)) {
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(max_packets))
max_packets = INT_MAX;
while (pkts < max_packets) {
int packets_to_read;
if (handlep->current_packet == NULL) {
@@ -4112,12 +4232,12 @@ again:
}
packets_to_read = handlep->packets_left;
if (!PACKET_COUNT_IS_UNLIMITED(max_packets) &&
packets_to_read > (max_packets - pkts)) {
if (packets_to_read > (max_packets - pkts)) {
/*
* We've been given a maximum number of packets
* to process, and there are more packets in
* this buffer than that. Only process enough
* There are more packets in the buffer than
* the number of packets we have left to
* process to get up to the maximum number
* of packets to process. Only process enough
* of them to get us up to that maximum.
*/
packets_to_read = max_packets - pkts;
@@ -4322,7 +4442,18 @@ pcap_setfilter_linux(pcap_t *handle, struct bpf_program *filter)
* the filter for a reason other than "this kernel
* isn't configured to support socket filters.
*/
if (errno != ENOPROTOOPT && errno != EOPNOTSUPP) {
if (errno == ENOMEM) {
/*
* Either a kernel memory allocation
* failure occurred, or there's too
* much "other/option memory" allocated
* for this socket. Suggest that they
* increase the "other/option memory"
* limit.
*/
fprintf(stderr,
"Warning: Couldn't allocate kernel memory for filter: try increasing net.core.optmem_max with sysctl\n");
} else if (errno != ENOPROTOOPT && errno != EOPNOTSUPP) {
fprintf(stderr,
"Warning: Kernel filter failed: %s\n",
pcap_strerror(errno));
@@ -4465,12 +4596,18 @@ iface_bind(int fd, int ifindex, char *ebuf, int protocol)
*/
return PCAP_ERROR_IFACE_NOT_UP;
}
if (errno == ENODEV)
if (errno == ENODEV) {
/*
* There's nothing more to say, so clear the
* error message.
*/
ebuf[0] = '\0';
ret = PCAP_ERROR_NO_SUCH_DEVICE;
else
} else {
ret = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE,
errno, "bind");
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE,
errno, "bind");
}
return ret;
}
@@ -4681,12 +4818,12 @@ iface_set_all_ts_types(pcap_t *handle, char *ebuf)
return 0;
}
#ifdef ETHTOOL_GET_TS_INFO
/*
* Get a list of time stamping capabilities.
* Get a list of time stamp types.
*/
#ifdef ETHTOOL_GET_TS_INFO
static int
iface_ethtool_get_ts_info(const char *device, pcap_t *handle, char *ebuf)
iface_get_ts_types(const char *device, pcap_t *handle, char *ebuf)
{
int fd;
struct ifreq ifr;
@@ -4773,6 +4910,8 @@ iface_ethtool_get_ts_info(const char *device, pcap_t *handle, char *ebuf)
* report HWTSTAMP_FILTER_ALL but map it to only
* time stamping a few PTP packets. See
* http://marc.info/?l=linux-netdev&m=146318183529571&w=2
*
* Maybe that got fixed later.
*/
handle->tstamp_type_list = NULL;
return 0;
@@ -4804,7 +4943,7 @@ iface_ethtool_get_ts_info(const char *device, pcap_t *handle, char *ebuf)
}
#else /* ETHTOOL_GET_TS_INFO */
static int
iface_ethtool_get_ts_info(const char *device, pcap_t *handle, char *ebuf)
iface_get_ts_types(const char *device, pcap_t *handle, char *ebuf)
{
/*
* This doesn't apply to the "any" device; you can't say "turn on
@@ -4827,7 +4966,15 @@ iface_ethtool_get_ts_info(const char *device, pcap_t *handle, char *ebuf)
return 0;
}
#endif /* ETHTOOL_GET_TS_INFO */
#else /* defined(HAVE_LINUX_NET_TSTAMP_H) && defined(PACKET_TIMESTAMP) */
static int
iface_get_ts_types(const char *device _U_, pcap_t *p _U_, char *ebuf _U_)
{
/*
* Nothing to fetch, so it always "succeeds".
*/
return 0;
}
#endif /* defined(HAVE_LINUX_NET_TSTAMP_H) && defined(PACKET_TIMESTAMP) */
/*
@@ -5093,12 +5240,17 @@ iface_get_arptype(int fd, const char *device, char *ebuf)
if (errno == ENODEV) {
/*
* No such device.
*
* There's nothing more to say, so clear
* the error message.
*/
ret = PCAP_ERROR_NO_SUCH_DEVICE;
} else
ebuf[0] = '\0';
} else {
ret = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE,
errno, "SIOCGIFHWADDR");
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE,
errno, "SIOCGIFHWADDR");
}
return ret;
}

14
libpcap/pcap-netfilter-linux.c
View File

@@ -33,6 +33,7 @@
#endif
#include "pcap-int.h"
#include "diag-control.h"
#ifdef NEED_STRERROR_H
#include "strerror.h"
@@ -135,6 +136,13 @@ netfilter_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_c
bp = (unsigned char *)handle->buffer;
} else
bp = handle->bp;
/*
* Loop through each message.
*
* This assumes that a single buffer of message will have
* <= INT_MAX packets, so the message count doesn't overflow.
*/
ep = bp + len;
while (bp < ep) {
const struct nlmsghdr *nlh = (const struct nlmsghdr *) bp;
@@ -343,7 +351,9 @@ netfilter_send_config_msg(const pcap_t *handle, uint16_t msg_type, int ack, u_in
static unsigned int seq_id;
if (!seq_id)
DIAG_OFF_NARROWING
seq_id = time(NULL);
DIAG_ON_NARROWING
++seq_id;
nlh->nlmsg_len = NLMSG_LENGTH(sizeof(struct nfgenmsg));
@@ -516,8 +526,8 @@ netfilter_activate(pcap_t* handle)
nftype_t type = OTHER;
int i;
if (strncmp(dev, NFLOG_IFACE, strlen(NFLOG_IFACE)) == 0) {
dev += strlen(NFLOG_IFACE);
if (strncmp(dev, NFLOG_IFACE, strlen(NFLOG_IFACE)) == 0) {
dev += strlen(NFLOG_IFACE);
type = NFLOG;
} else if (strncmp(dev, NFQUEUE_IFACE, strlen(NFQUEUE_IFACE)) == 0) {

32
libpcap/pcap-new.c
View File

@@ -36,6 +36,7 @@
#endif
#include "ftmacros.h"
#include "diag-control.h"
/*
* sockutils.h may include <crtdbg.h> on Windows, and pcap-int.h will
@@ -237,7 +238,10 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
if (filedata == NULL)
{
DIAG_OFF_FORMAT_TRUNCATION
snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' exist?", path);
DIAG_ON_FORMAT_TRUNCATION
closedir(unixdir);
return -1;
}
#endif
@@ -253,7 +257,9 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
#else
if (pathlen + strlen(filedata->d_name) >= sizeof(filename))
continue;
DIAG_OFF_FORMAT_TRUNCATION
snprintf(filename, sizeof(filename), "%s%s", path, filedata->d_name);
DIAG_ON_FORMAT_TRUNCATION
#endif
fp = pcap_open_offline(filename, errbuf);
@@ -268,6 +274,11 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
PCAP_ERRBUF_SIZE, errno,
"malloc() failed");
pcap_freealldevs(*alldevs);
#ifdef _WIN32
FindClose(filehandle);
#else
closedir(unixdir);
#endif
return -1;
}
@@ -297,6 +308,11 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
if (pcap_createsrcstr(tmpstring, PCAP_SRC_FILE, NULL, NULL, filename, errbuf) == -1)
{
pcap_freealldevs(*alldevs);
#ifdef _WIN32
FindClose(filehandle);
#else
closedir(unixdir);
#endif
return -1;
}
@@ -307,6 +323,11 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
PCAP_ERRBUF_SIZE, errno,
"malloc() failed");
pcap_freealldevs(*alldevs);
#ifdef _WIN32
FindClose(filehandle);
#else
closedir(unixdir);
#endif
return -1;
}
@@ -321,6 +342,11 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
PCAP_ERRBUF_SIZE, errno,
"malloc() failed");
pcap_freealldevs(*alldevs);
#ifdef _WIN32
FindClose(filehandle);
#else
closedir(unixdir);
#endif
return -1;
}
@@ -334,9 +360,11 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
#endif
#ifdef _WIN32
/* Close the search handle. */
#ifdef _WIN32
FindClose(filehandle);
#else
closedir(unixdir);
#endif
return 0;
@@ -444,6 +472,7 @@ pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout,
return fp;
fail:
DIAG_OFF_FORMAT_TRUNCATION
if (status == PCAP_ERROR)
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s",
name, fp->errbuf);
@@ -455,6 +484,7 @@ fail:
else
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s",
name, pcap_statustostr(status));
DIAG_ON_FORMAT_TRUNCATION
pcap_close(fp);
return NULL;
}

3
libpcap/pcap-nit.c
View File

@@ -125,6 +125,9 @@ pcap_read_nit(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
* Loop through each packet. The increment expression
* rounds up to the next int boundary past the end of
* the previous packet.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
n = 0;
ep = bp + cc;

520
libpcap/pcap-npf.c
View File

@@ -36,6 +36,7 @@
#endif
#include <errno.h>
#include <limits.h> /* for INT_MAX */
#define PCAP_DONT_INCLUDE_PCAP_BPF_H
#include <Packet32.h>
#include <pcap-int.h>
@@ -445,6 +446,31 @@ pcap_setuserbuffer_npf(pcap_t *p, int size)
return (0);
}
#ifdef HAVE_NPCAP_PACKET_API
/*
* Kernel dump mode isn't supported in Npcap; calls to PacketSetDumpName(),
* PacketSetDumpLimits(), and PacketIsDumpEnded() will get compile-time
* deprecation warnings.
*
* Avoid calling them; just return errors indicating that kernel dump
* mode isn't supported in Npcap.
*/
static int
pcap_live_dump_npf(pcap_t *p, char *filename _U_, int maxsize _U_,
int maxpacks _U_)
{
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Npcap doesn't support kernel dump mode");
return (-1);
}
static int
pcap_live_dump_ended_npf(pcap_t *p, int sync)
{
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Npcap doesn't support kernel dump mode");
return (-1);
}
#else /* HAVE_NPCAP_PACKET_API */
static int
pcap_live_dump_npf(pcap_t *p, char *filename, int maxsize, int maxpacks)
{
@@ -485,6 +511,7 @@ pcap_live_dump_ended_npf(pcap_t *p, int sync)
return (PacketIsDumpEnded(pw->adapter, (BOOLEAN)sync));
}
#endif /* HAVE_NPCAP_PACKET_API */
#ifdef HAVE_AIRPCAP_API
static PAirpcapHandle
@@ -607,6 +634,9 @@ pcap_read_npf(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
/*
* Loop through each packet.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
#define bhp ((struct bpf_hdr *)bp)
n = 0;
@@ -766,6 +796,21 @@ pcap_read_win32_dag(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
endofbuf = (char*)header + cc;
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(cnt))
cnt = INT_MAX;
/*
* Cycle through the packets
*/
@@ -856,7 +901,7 @@ pcap_read_win32_dag(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
}
}
/* No underlaying filtering system. We need to filter on our own */
/* No underlying filtering system. We need to filter on our own */
if (p->fcode.bf_insns)
{
if (pcap_filter(p->fcode.bf_insns, dp, packet_len, caplen) == 0)
@@ -867,7 +912,7 @@ pcap_read_win32_dag(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
}
}
/* Fill the header for the user suppplied callback function */
/* Fill the header for the user supplied callback function */
pcap_header.caplen = caplen;
pcap_header.len = packet_len;
@@ -940,8 +985,6 @@ pcap_breakloop_npf(pcap_t *p)
}
/*
* Vendor-specific error codes.
*
* These are NTSTATUS values:
*
* https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-erref/87fba13e-bf06-450e-83b1-9241dc81e781
@@ -950,15 +993,28 @@ pcap_breakloop_npf(pcap_t *p)
* mapped to Windows error values in userland; they're returned by
* GetLastError().
*
* Attempting to set non-promiscuous mode on a Microsoft Surface Pro's
* Mobile Broadband Adapter returns an error; that error can safely be
* ignored, as it's always in non-promiscuous mode.
* Note that "driver" here includes the Npcap NPF driver, as various
* versions would take NT status values and set the "Customer" bit
* before returning the status code. The commit message for the
* change that started doing that is
*
* Returned a customer-defined NTSTATUS in OID requests to avoid
* NTSTATUS-to-Win32 Error code translation.
*
* but I don't know why the goal was to avoid that translation.
*
* Attempting to set the hardware filter on a Microsoft Surface Pro's
* Mobile Broadband Adapter returns an error that appears to be
* NDIS_STATUS_NOT_SUPPORTED ORed with the "Customer" bit, so it's
* probably indicating that it doesn't support that.
*
* It is likely that there are other devices which throw spurious errors,
* at which point this will need refactoring to efficiently check against
* a list, but for now we can just check this one value.
* a list, but for now we can just check this one value. Perhaps the
* right way to do this is compare against various NDIS errors with
* the "customer" bit ORed in.
*/
#define NPF_SURFACE_MOBILE_NONPROMISC 0xe00000bb
#define NT_STATUS_CUSTOMER_DEFINED 0x20000000
static int
pcap_activate_npf(pcap_t *p)
@@ -1017,14 +1073,22 @@ pcap_activate_npf(pcap_t *p)
case ERROR_BAD_UNIT:
/*
* There's no such device.
* There's nothing to add, so clear the error
* message.
*/
p->errbuf[0] = '\0';
return (PCAP_ERROR_NO_SUCH_DEVICE);
case ERROR_ACCESS_DENIED:
/*
* There is, but we don't have permission to
* use it.
*
* XXX - we currently get ERROR_BAD_UNIT if the
* user says "no" to the UAC prompt.
*/
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"The helper program for \"Admin-only Mode\" must be allowed to make changes to your device");
return (PCAP_ERROR_PERM_DENIED);
default:
@@ -1052,10 +1116,9 @@ pcap_activate_npf(pcap_t *p)
/*Set the linktype*/
switch (type.LinkType)
{
case NdisMediumWan:
p->linktype = DLT_EN10MB;
break;
/*
* NDIS-defined medium types.
*/
case NdisMedium802_3:
p->linktype = DLT_EN10MB;
/*
@@ -1079,12 +1142,19 @@ pcap_activate_npf(pcap_t *p)
}
break;
case NdisMedium802_5:
/*
* Token Ring.
*/
p->linktype = DLT_IEEE802;
break;
case NdisMediumFddi:
p->linktype = DLT_FDDI;
break;
case NdisMedium802_5:
p->linktype = DLT_IEEE802;
case NdisMediumWan:
p->linktype = DLT_EN10MB;
break;
case NdisMediumArcnetRaw:
@@ -1099,6 +1169,21 @@ pcap_activate_npf(pcap_t *p)
p->linktype = DLT_ATM_RFC1483;
break;
case NdisMediumWirelessWan:
p->linktype = DLT_RAW;
break;
case NdisMediumIP:
p->linktype = DLT_RAW;
break;
/*
* Npcap-defined medium types.
*/
case NdisMediumNull:
p->linktype = DLT_NULL;
break;
case NdisMediumCHDLC:
p->linktype = DLT_CHDLC;
break;
@@ -1107,10 +1192,6 @@ pcap_activate_npf(pcap_t *p)
p->linktype = DLT_PPP_SERIAL;
break;
case NdisMediumNull:
p->linktype = DLT_NULL;
break;
case NdisMediumBare80211:
p->linktype = DLT_IEEE802_11;
break;
@@ -1123,10 +1204,6 @@ pcap_activate_npf(pcap_t *p)
p->linktype = DLT_PPI;
break;
case NdisMediumWirelessWan:
p->linktype = DLT_RAW;
break;
default:
/*
* An unknown medium type is assumed to supply Ethernet
@@ -1227,7 +1304,13 @@ pcap_activate_npf(pcap_t *p)
/*
* Suppress spurious error generated by non-compiant
* MS Surface mobile adapters.
* MS Surface mobile adapters that appear to
* return NDIS_STATUS_NOT_SUPPORTED for attempts
* to set the hardware filter.
*
* It appears to be reporting NDIS_STATUS_NOT_SUPPORTED,
* but with the NT status value "Customer" bit set;
* the Npcap NPF driver sets that bit in some cases.
*
* If we knew that this meant "promiscuous mode
* isn't supported", we could add a "promiscuous
@@ -1249,8 +1332,17 @@ pcap_activate_npf(pcap_t *p)
* and rejecting it with an error could disrupt
* attempts to capture, as many programs (tcpdump,
* *shark) default to promiscuous mode.
*
* Alternatively, we could return the "promiscuous
* mode not supported" *warning* value, so that
* correct code will either ignore it or report
* it and continue capturing. (This may require
* a pcap_init() flag to request that return
* value, so that old incorrect programs that
* assume a non-zero return from pcap_activate()
* is an error don't break.)
*/
if (errcode != NPF_SURFACE_MOBILE_NONPROMISC)
if (errcode != (NDIS_STATUS_NOT_SUPPORTED|NT_STATUS_CUSTOMER_DEFINED))
{
pcap_fmt_errmsg_for_win32_err(p->errbuf,
PCAP_ERRBUF_SIZE, errcode,
@@ -1281,7 +1373,7 @@ pcap_activate_npf(pcap_t *p)
* Suppress spurious error generated by non-compiant
* MS Surface mobile adapters.
*/
if (errcode != NPF_SURFACE_MOBILE_NONPROMISC)
if (errcode != (NDIS_STATUS_NOT_SUPPORTED|NT_STATUS_CUSTOMER_DEFINED))
{
pcap_fmt_errmsg_for_win32_err(p->errbuf,
PCAP_ERRBUF_SIZE, errcode,
@@ -1498,40 +1590,84 @@ pcap_can_set_rfmon_npf(pcap_t *p)
return (PacketIsMonitorModeSupported(p->opt.device) == 1);
}
pcap_t *
pcap_create_interface(const char *device _U_, char *ebuf)
{
pcap_t *p;
/*
* Get a list of time stamp types.
*/
#ifdef HAVE_PACKET_GET_TIMESTAMP_MODES
char *device_copy;
ADAPTER *adapter;
static int
get_ts_types(const char *device, pcap_t *p, char *ebuf)
{
char *device_copy = NULL;
ADAPTER *adapter = NULL;
ULONG num_ts_modes;
BOOL ret;
DWORD error;
ULONG *modes;
#endif
DWORD error = ERROR_SUCCESS;
ULONG *modes = NULL;
int status = 0;
p = PCAP_CREATE_COMMON(ebuf, struct pcap_win);
if (p == NULL)
return (NULL);
do {
/*
* First, find out how many time stamp modes we have.
* To do that, we have to open the adapter.
*
* XXX - PacketOpenAdapter() takes a non-const pointer
* as an argument, so we make a copy of the argument and
* pass that to it.
*/
device_copy = strdup(device);
if (device_copy == NULL) {
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, errno, "malloc");
status = -1;
break;
}
p->activate_op = pcap_activate_npf;
p->can_set_rfmon_op = pcap_can_set_rfmon_npf;
adapter = PacketOpenAdapter(device_copy);
if (adapter == NULL)
{
error = GetLastError();
/*
* If we can't open the device now, we won't be
* able to later, either.
*
* If the error is something that indicates
* that the device doesn't exist, or that they
* don't have permission to open the device - or
* perhaps that they don't have permission to get
* a list of devices, if PacketOpenAdapter() does
* that - the user will find that out when they try
* to activate the device; just return an empty
* list of time stamp types.
*
* Treating either of those as errors will, for
* example, cause "tcpdump -i <number>" to fail,
* because it first tries to pass the interface
* name to pcap_create() and pcap_activate(),
* in order to handle OSes where interfaces can
* have names that are just numbers (stand up
* and say hello, Linux!), and, if pcap_activate()
* fails with a "no such device" error, checks
* whether the interface name is a valid number
* and, if so, tries to use it as an index in
* the list of interfaces.
*
* That means pcap_create() must succeed even
* for interfaces that don't exist, with the
* failure occurring at pcap_activate() time.
*/
if (error == ERROR_BAD_UNIT ||
error == ERROR_ACCESS_DENIED) {
p->tstamp_type_count = 0;
p->tstamp_type_list = NULL;
status = 0;
} else {
pcap_fmt_errmsg_for_win32_err(ebuf,
PCAP_ERRBUF_SIZE, error,
"Error opening adapter");
status = -1;
}
break;
}
#ifdef HAVE_PACKET_GET_TIMESTAMP_MODES
/*
* First, find out how many time stamp modes we have.
* To do that, we have to open the adapter.
*
* XXX - PacketOpenAdapter() takes a non-const pointer
* as an argument, so we make a copy of the argument and
* pass that to it.
*/
device_copy = strdup(device);
adapter = PacketOpenAdapter(device_copy);
free(device_copy);
if (adapter != NULL)
{
/*
* Get the total number of time stamp modes.
*
@@ -1563,116 +1699,186 @@ pcap_create_interface(const char *device _U_, char *ebuf)
*/
error = GetLastError();
if (error != ERROR_MORE_DATA) {
/*
* No, did it fail with ERROR_INVALID_FUNCTION?
*/
if (error == ERROR_INVALID_FUNCTION) {
/*
* This is probably due to
* the driver with which Packet.dll
* communicates being older, or
* being a WinPcap driver, so
* that it doesn't support
* BIOCGTIMESTAMPMODES.
*
* Tell the user to try uninstalling
* Npcap - and WinPcap if installed -
* and re-installing it, to flush
* out all older drivers.
*/
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"PacketGetTimestampModes() failed with ERROR_INVALID_FUNCTION; try uninstalling Npcap, and WinPcap if installed, and re-installing it from npcap.com");
status = -1;
break;
}
/*
* No, some other error. Fail.
*/
pcap_fmt_errmsg_for_win32_err(ebuf,
PCAP_ERRBUF_SIZE, GetLastError(),
PCAP_ERRBUF_SIZE, error,
"Error calling PacketGetTimestampModes");
pcap_close(p);
return (NULL);
}
/*
* Yes, so we now know how many types to fetch.
*
* The buffer needs to have one ULONG for the
* count and num_ts_modes ULONGs for the
* num_ts_modes time stamp types.
*/
modes = (ULONG *)malloc((1 + num_ts_modes) * sizeof(ULONG));
if (modes == NULL) {
/* Out of memory. */
/* XXX SET ebuf */
pcap_close(p);
return (NULL);
}
modes[0] = 1 + num_ts_modes;
if (!PacketGetTimestampModes(adapter, modes)) {
pcap_fmt_errmsg_for_win32_err(ebuf,
PCAP_ERRBUF_SIZE, GetLastError(),
"Error calling PacketGetTimestampModes");
free(modes);
pcap_close(p);
return (NULL);
}
if (modes[0] != num_ts_modes) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"First PacketGetTimestampModes() call gives %lu modes, second call gives %lu modes",
num_ts_modes, modes[0]);
free(modes);
pcap_close(p);
return (NULL);
}
if (num_ts_modes != 0) {
u_int num_ts_types;
/*
* Allocate a buffer big enough for
* PCAP_TSTAMP_HOST (default) plus
* the explicitly specified modes.
*/
p->tstamp_type_list = malloc((1 + modes[0]) * sizeof(u_int));
if (p->tstamp_type_list == NULL) {
/* XXX SET ebuf */
free(modes);
pcap_close(p);
return (NULL);
}
num_ts_types = 0;
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST;
num_ts_types++;
for (ULONG i = 0; i < modes[0]; i++) {
switch (modes[i + 1]) {
case TIMESTAMPMODE_SINGLE_SYNCHRONIZATION:
/*
* Better than low-res,
* but *not* synchronized
* with the OS clock.
*/
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST_HIPREC_UNSYNCED;
num_ts_types++;
break;
case TIMESTAMPMODE_QUERYSYSTEMTIME:
/*
* Low-res, but synchronized
* with the OS clock.
*/
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST_LOWPREC;
num_ts_types++;
break;
case TIMESTAMPMODE_QUERYSYSTEMTIME_PRECISE:
/*
* High-res, and synchronized
* with the OS clock.
*/
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST_HIPREC;
num_ts_types++;
break;
default:
/*
* Unknown, so we can't
* report it.
*/
break;
}
}
p->tstamp_type_count = num_ts_types;
free(modes);
status = -1;
break;
}
}
/* else (ret == TRUE)
* Unexpected success. Let's act like we got ERROR_MORE_DATA.
* If it doesn't work, we'll hit some other error condition farther on.
*/
/* If the driver reports no modes supported *and*
* ERROR_MORE_DATA, something is seriously wrong.
* We *could* ignore the error and continue without supporting
* settable timestamp modes, but that would hide a bug.
*/
if (num_ts_modes == 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"PacketGetTimestampModes() reports 0 modes supported.");
status = -1;
break;
}
/*
* Yes, so we now know how many types to fetch.
*
* The buffer needs to have one ULONG for the
* count and num_ts_modes ULONGs for the
* num_ts_modes time stamp types.
*/
modes = (ULONG *)malloc((1 + num_ts_modes) * sizeof(ULONG));
if (modes == NULL) {
/* Out of memory. */
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, errno, "malloc");
status = -1;
break;
}
modes[0] = 1 + num_ts_modes;
if (!PacketGetTimestampModes(adapter, modes)) {
pcap_fmt_errmsg_for_win32_err(ebuf,
PCAP_ERRBUF_SIZE, GetLastError(),
"Error calling PacketGetTimestampModes");
status = -1;
break;
}
if (modes[0] != num_ts_modes) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"First PacketGetTimestampModes() call gives %lu modes, second call gives %lu modes",
num_ts_modes, modes[0]);
status = -1;
break;
}
/*
* Allocate a buffer big enough for
* PCAP_TSTAMP_HOST (default) plus
* the explicitly specified modes.
*/
p->tstamp_type_list = malloc((1 + num_ts_modes) * sizeof(u_int));
if (p->tstamp_type_list == NULL) {
pcap_fmt_errmsg_for_errno(ebuf, PCAP_ERRBUF_SIZE, errno, "malloc");
status = -1;
break;
}
u_int num_ts_types = 0;
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST;
num_ts_types++;
for (ULONG i = 0; i < num_ts_modes; i++) {
switch (modes[i + 1]) {
case TIMESTAMPMODE_SINGLE_SYNCHRONIZATION:
/*
* Better than low-res,
* but *not* synchronized
* with the OS clock.
*/
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST_HIPREC_UNSYNCED;
num_ts_types++;
break;
case TIMESTAMPMODE_QUERYSYSTEMTIME:
/*
* Low-res, but synchronized
* with the OS clock.
*/
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST_LOWPREC;
num_ts_types++;
break;
case TIMESTAMPMODE_QUERYSYSTEMTIME_PRECISE:
/*
* High-res, and synchronized
* with the OS clock.
*/
p->tstamp_type_list[num_ts_types] =
PCAP_TSTAMP_HOST_HIPREC;
num_ts_types++;
break;
default:
/*
* Unknown, so we can't
* report it.
*/
break;
}
}
p->tstamp_type_count = num_ts_types;
} while (0);
/* Clean up temporary allocations */
if (device_copy != NULL) {
free(device_copy);
}
if (modes != NULL) {
free(modes);
}
if (adapter != NULL) {
PacketCloseAdapter(adapter);
}
return status;
}
#else /* HAVE_PACKET_GET_TIMESTAMP_MODES */
static int
get_ts_types(const char *device _U_, pcap_t *p _U_, char *ebuf _U_)
{
/*
* Nothing to fetch, so it always "succeeds".
*/
return 0;
}
#endif /* HAVE_PACKET_GET_TIMESTAMP_MODES */
pcap_t *
pcap_create_interface(const char *device _U_, char *ebuf)
{
pcap_t *p;
p = PCAP_CREATE_COMMON(ebuf, struct pcap_win);
if (p == NULL)
return (NULL);
p->activate_op = pcap_activate_npf;
p->can_set_rfmon_op = pcap_can_set_rfmon_npf;
if (get_ts_types(device, p, ebuf) == -1) {
pcap_close(p);
return (NULL);
}
return (p);
}
@@ -1879,8 +2085,8 @@ get_if_flags(const char *name, bpf_u_int32 *flags, char *errbuf)
#ifdef OID_GEN_PHYSICAL_MEDIUM_EX
OID_GEN_PHYSICAL_MEDIUM_EX,
#endif
OID_GEN_PHYSICAL_MEDIUM
};
OID_GEN_PHYSICAL_MEDIUM
};
#define N_GEN_PHYSICAL_MEDIUM_OIDS (sizeof gen_physical_medium_oids / sizeof gen_physical_medium_oids[0])
size_t i;
#endif /* OID_GEN_PHYSICAL_MEDIUM */
@@ -1933,7 +2139,7 @@ get_if_flags(const char *name, bpf_u_int32 *flags, char *errbuf)
*flags |= PCAP_IF_WIRELESS;
/*
* A "network assosiation state" makes no sense for airpcap.
* A "network association state" makes no sense for airpcap.
*/
*flags |= PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE;
PacketCloseAdapter(adapter);
@@ -2192,7 +2398,7 @@ pcap_platform_finddevs(pcap_if_list_t *devlistp, char *errbuf)
desc++;
/*
* Found it - "desc" points to the first of the two
* Found it - "desc" points to the first of the two
* nulls at the end of the list of names, so the
* first byte of the list of descriptions is two bytes
* after it.

3
libpcap/pcap-pf.c
View File

@@ -133,6 +133,9 @@ pcap_read_pf(pcap_t *pc, int cnt, pcap_handler callback, u_char *user)
bp = pc->bp;
/*
* Loop through each packet.
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
n = 0;
pad = pc->fddipad;

22
libpcap/pcap-rdmasniff.c
View File

@@ -38,6 +38,7 @@
#include <infiniband/verbs.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h> /* for INT_MAX */
#include <sys/time.h>
#if !defined(IBV_FLOW_ATTR_SNIFFER)
@@ -136,15 +137,30 @@ rdmasniff_read(pcap_t *handle, int max_packets, pcap_handler callback, u_char *u
priv->cq_event = 1;
}
while (count < max_packets || PACKET_COUNT_IS_UNLIMITED(max_packets)) {
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(max_packets))
max_packets = INT_MAX;
while (count < max_packets) {
if (ibv_poll_cq(priv->cq, 1, &wc) != 1) {
priv->cq_event = 0;
break;
}
if (wc.status != IBV_WC_SUCCESS) {
fprintf(stderr, "failed WC wr_id %lld status %d/%s\n",
(unsigned long long) wc.wr_id,
fprintf(stderr, "failed WC wr_id %" PRIu64 " status %d/%s\n",
wc.wr_id,
wc.status, ibv_wc_status_str(wc.status));
continue;
}

238
libpcap/pcap-rpcap.c
View File

@@ -36,13 +36,16 @@
#endif
#include "ftmacros.h"
#include "diag-control.h"
#include <string.h> /* for strlen(), ... */
#include <stdlib.h> /* for malloc(), free(), ... */
#include <stdarg.h> /* for functions with variable number of arguments */
#include <errno.h> /* for the errno variable */
#include <limits.h> /* for INT_MAX */
#include "sockutils.h"
#include "pcap-int.h"
#include "pcap-util.h"
#include "rpcap-protocol.h"
#include "pcap-rpcap.h"
@@ -93,6 +96,7 @@ struct activehosts
SOCKET sockctrl;
SSL *ssl;
uint8 protocol_version;
int byte_swapped;
struct activehosts *next;
};
@@ -128,6 +132,7 @@ struct pcap_rpcap {
uint8 protocol_version; /* negotiated protocol version */
uint8 uses_ssl; /* User asked for rpcaps scheme */
int byte_swapped; /* Server byte order is swapped from ours */
unsigned int TotNetDrops; /* keeps the number of packets that have been dropped by the network */
@@ -432,7 +437,8 @@ static int pcap_read_nocb_remote(pcap_t *p, struct pcap_pkthdr *pkt_header, u_ch
return 0;
}
#endif
sock_geterror("select()", p->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(p->errbuf, PCAP_ERRBUF_SIZE,
"select() failed");
return -1;
}
}
@@ -644,6 +650,21 @@ static int pcap_read_rpcap(pcap_t *p, int cnt, pcap_handler callback, u_char *us
}
}
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(cnt))
cnt = INT_MAX;
while (n < cnt || PACKET_COUNT_IS_UNLIMITED(cnt))
{
/*
@@ -666,9 +687,14 @@ static int pcap_read_rpcap(pcap_t *p, int cnt, pcap_handler callback, u_char *us
if (ret == 1)
{
/*
* We got a packet. Hand it to the callback
* and count it so we can return the count.
* We got a packet.
*
* Do whatever post-processing is necessary, hand
* it to the callback, and count it so we can
* return the count.
*/
pcap_post_process(p->linktype, pr->byte_swapped,
&pkt_header, pkt_data);
(*callback)(user, &pkt_header, pkt_data);
n++;
}
@@ -1003,7 +1029,7 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
retval = sock_initaddress(host, "0", &hints, &addrinfo, errbuf,
retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
PCAP_ERRBUF_SIZE);
if (retval != 0)
{
@@ -1059,7 +1085,7 @@ static int pcap_startcapture_remote(pcap_t *fp)
struct pcap_rpcap *pr = fp->priv; /* structure used when doing a remote live capture */
char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */
int sendbufidx = 0; /* index which keeps the number of bytes currently buffered */
char portdata[PCAP_BUF_SIZE]; /* temp variable needed to keep the network port for the data connection */
uint16 portdata = 0; /* temp variable needed to keep the network port for the data connection */
uint32 plen;
int active = 0; /* '1' if we're in active mode */
struct activehosts *temp; /* temp var needed to scan the host list chain, to detect if we're in active mode */
@@ -1072,6 +1098,8 @@ static int pcap_startcapture_remote(pcap_t *fp)
struct sockaddr_storage saddr; /* temp, needed to retrieve the network data port chosen on the local machine */
socklen_t saddrlen; /* temp, needed to retrieve the network data port chosen on the local machine */
int ai_family; /* temp, keeps the address family used by the control connection */
struct sockaddr_in *sin4;
struct sockaddr_in6 *sin6;
/* RPCAP-related variables*/
struct rpcap_header header; /* header of the RPCAP packet */
@@ -1085,7 +1113,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
uint32 server_sockbufsize;
// Take the opportunity to clear pr->data_ssl before any goto error,
// as it seems pr->priv is not zeroed after its malloced.
// as it seems p->priv is not zeroed after its malloced.
// XXX - it now should be, as it's allocated by pcap_alloc_pcap_t(),
// which does a calloc().
pr->data_ssl = NULL;
/*
@@ -1119,7 +1149,8 @@ static int pcap_startcapture_remote(pcap_t *fp)
saddrlen = sizeof(struct sockaddr_storage);
if (getpeername(pr->rmt_sockctrl, (struct sockaddr *) &saddr, &saddrlen) == -1)
{
sock_geterror("getsockname()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getsockname() failed");
goto error_nodiscard;
}
ai_family = ((struct sockaddr_storage *) &saddr)->ss_family;
@@ -1128,7 +1159,8 @@ static int pcap_startcapture_remote(pcap_t *fp)
if (getnameinfo((struct sockaddr *) &saddr, saddrlen, host,
sizeof(host), NULL, 0, NI_NUMERICHOST))
{
sock_geterror("getnameinfo()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getnameinfo() failed");
goto error_nodiscard;
}
@@ -1151,10 +1183,10 @@ static int pcap_startcapture_remote(pcap_t *fp)
hints.ai_flags = AI_PASSIVE; /* Data connection is opened by the server toward the client */
/* Let's the server pick up a free network port for us */
if (sock_initaddress(NULL, "0", &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
if (sock_initaddress(NULL, NULL, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
goto error_nodiscard;
if ((sockdata = sock_open(addrinfo, SOCKOPEN_SERVER,
if ((sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER,
1 /* max 1 connection in queue */, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
goto error_nodiscard;
@@ -1166,15 +1198,27 @@ static int pcap_startcapture_remote(pcap_t *fp)
saddrlen = sizeof(struct sockaddr_storage);
if (getsockname(sockdata, (struct sockaddr *) &saddr, &saddrlen) == -1)
{
sock_geterror("getsockname()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getsockname() failed");
goto error_nodiscard;
}
/* Get the local port the system picked up */
if (getnameinfo((struct sockaddr *) &saddr, saddrlen, NULL,
0, portdata, sizeof(portdata), NI_NUMERICSERV))
{
sock_geterror("getnameinfo()", fp->errbuf, PCAP_ERRBUF_SIZE);
switch (saddr.ss_family) {
case AF_INET:
sin4 = (struct sockaddr_in *)&saddr;
portdata = sin4->sin_port;
break;
case AF_INET6:
sin6 = (struct sockaddr_in6 *)&saddr;
portdata = sin6->sin6_port;
break;
default:
snprintf(fp->errbuf, PCAP_ERRBUF_SIZE,
"Local address has unknown address family %u",
saddr.ss_family);
goto error_nodiscard;
}
}
@@ -1207,8 +1251,7 @@ static int pcap_startcapture_remote(pcap_t *fp)
/* portdata on the openreq is meaningful only if we're in active mode */
if ((active) || (pr->rmt_flags & PCAP_OPENFLAG_DATATX_UDP))
{
sscanf(portdata, "%d", (int *)&(startcapreq->portdata)); /* cast to avoid a compiler warning */
startcapreq->portdata = htons(startcapreq->portdata);
startcapreq->portdata = portdata;
}
startcapreq->snaplen = htonl(fp->snapshot);
@@ -1257,16 +1300,18 @@ static int pcap_startcapture_remote(pcap_t *fp)
{
if (!active)
{
char portstring[PCAP_BUF_SIZE];
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_family = ai_family; /* Use the same address family of the control socket */
hints.ai_socktype = (pr->rmt_flags & PCAP_OPENFLAG_DATATX_UDP) ? SOCK_DGRAM : SOCK_STREAM;
snprintf(portdata, PCAP_BUF_SIZE, "%d", ntohs(startcapreply.portdata));
snprintf(portstring, PCAP_BUF_SIZE, "%d", ntohs(startcapreply.portdata));
/* Let's the server pick up a free network port for us */
if (sock_initaddress(host, portdata, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
if (sock_initaddress(host, portstring, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
goto error;
if ((sockdata = sock_open(addrinfo, SOCKOPEN_CLIENT, 0, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
if ((sockdata = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
goto error;
/* addrinfo is no longer used */
@@ -1284,7 +1329,8 @@ static int pcap_startcapture_remote(pcap_t *fp)
if (socktemp == INVALID_SOCKET)
{
sock_geterror("accept()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"accept() failed");
goto error;
}
@@ -1318,7 +1364,8 @@ static int pcap_startcapture_remote(pcap_t *fp)
res = getsockopt(sockdata, SOL_SOCKET, SO_RCVBUF, (char *)&sockbufsize, &itemp);
if (res == -1)
{
sock_geterror("pcap_startcapture_remote(): getsockopt() failed", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"pcap_startcapture_remote(): getsockopt() failed");
goto error;
}
@@ -1697,14 +1744,16 @@ static int pcap_createfilter_norpcappkt(pcap_t *fp, struct bpf_program *prog)
saddrlen = sizeof(struct sockaddr_storage);
if (getpeername(pr->rmt_sockctrl, (struct sockaddr *) &saddr, &saddrlen) == -1)
{
sock_geterror("getpeername()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getpeername() failed");
return -1;
}
if (getnameinfo((struct sockaddr *) &saddr, saddrlen, peeraddress,
sizeof(peeraddress), peerctrlport, sizeof(peerctrlport), NI_NUMERICHOST | NI_NUMERICSERV))
{
sock_geterror("getnameinfo()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getnameinfo() failed");
return -1;
}
@@ -1712,7 +1761,8 @@ static int pcap_createfilter_norpcappkt(pcap_t *fp, struct bpf_program *prog)
/* Get the name/port of the current host */
if (getsockname(pr->rmt_sockctrl, (struct sockaddr *) &saddr, &saddrlen) == -1)
{
sock_geterror("getsockname()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getsockname() failed");
return -1;
}
@@ -1720,21 +1770,24 @@ static int pcap_createfilter_norpcappkt(pcap_t *fp, struct bpf_program *prog)
if (getnameinfo((struct sockaddr *) &saddr, saddrlen, myaddress,
sizeof(myaddress), myctrlport, sizeof(myctrlport), NI_NUMERICHOST | NI_NUMERICSERV))
{
sock_geterror("getnameinfo()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getnameinfo() failed");
return -1;
}
/* Let's now check the data port */
if (getsockname(pr->rmt_sockdata, (struct sockaddr *) &saddr, &saddrlen) == -1)
{
sock_geterror("getsockname()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getsockname() failed");
return -1;
}
/* Get the local port the system picked up */
if (getnameinfo((struct sockaddr *) &saddr, saddrlen, NULL, 0, mydataport, sizeof(mydataport), NI_NUMERICSERV))
{
sock_geterror("getnameinfo()", fp->errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(fp->errbuf, PCAP_ERRBUF_SIZE,
"getnameinfo() failed");
return -1;
}
@@ -1900,6 +1953,10 @@ static int pcap_setsampling_remote(pcap_t *fp)
* \param ver: pointer to variable to which to set the protocol version
* number we selected.
*
* \param byte_swapped: pointer to variable to which to set 1 if the
* byte order the server says it has is byte-swapped from ours, 0
* otherwise (whether it's the same as ours or is unknown).
*
* \param auth: authentication parameters that have to be sent.
*
* \param errbuf: a pointer to a user-allocated buffer (of size
@@ -1910,7 +1967,8 @@ static int pcap_setsampling_remote(pcap_t *fp)
* \return '0' if everything is fine, '-1' for an error. For errors,
* an error message string is returned in the 'errbuf' variable.
*/
static int rpcap_doauth(SOCKET sockctrl, SSL *ssl, uint8 *ver, struct pcap_rmtauth *auth, char *errbuf)
static int rpcap_doauth(SOCKET sockctrl, SSL *ssl, uint8 *ver,
int *byte_swapped, struct pcap_rmtauth *auth, char *errbuf)
{
char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data that has to be sent is buffered */
int sendbufidx = 0; /* index which keeps the number of bytes currently buffered */
@@ -1922,6 +1980,8 @@ static int rpcap_doauth(SOCKET sockctrl, SSL *ssl, uint8 *ver, struct pcap_rmtau
uint32 plen;
struct rpcap_authreply authreply; /* authentication reply message */
uint8 ourvers;
int has_byte_order; /* The server sent its version of the byte-order magic number */
u_int their_byte_order_magic; /* Here's what it is */
if (auth)
{
@@ -2026,17 +2086,46 @@ static int rpcap_doauth(SOCKET sockctrl, SSL *ssl, uint8 *ver, struct pcap_rmtau
plen = header.plen;
if (plen != 0)
{
/* Yes - is it big enough to be version information? */
if (plen < sizeof(struct rpcap_authreply))
size_t reply_len;
/* Yes - is it big enough to include version information? */
if (plen < sizeof(struct rpcap_authreply_old))
{
/* No - discard it and fail. */
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Authenticaton reply from server is too short");
(void)rpcap_discard(sockctrl, ssl, plen, NULL);
return -1;
}
/* Yes - does it include server byte order information? */
if (plen == sizeof(struct rpcap_authreply_old))
{
/* No - just read the version information */
has_byte_order = 0;
reply_len = sizeof(struct rpcap_authreply_old);
}
else if (plen >= sizeof(struct rpcap_authreply_old))
{
/* Yes - read it all. */
has_byte_order = 1;
reply_len = sizeof(struct rpcap_authreply);
}
else
{
/*
* Too long for old reply, too short for new reply.
* Discard it and fail.
*/
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Authenticaton reply from server is too short");
(void)rpcap_discard(sockctrl, ssl, plen, NULL);
return -1;
}
/* Read the reply body */
if (rpcap_recv(sockctrl, ssl, (char *)&authreply,
sizeof(struct rpcap_authreply), &plen, errbuf) == -1)
reply_len, &plen, errbuf) == -1)
{
(void)rpcap_discard(sockctrl, ssl, plen, NULL);
return -1;
@@ -2059,12 +2148,32 @@ static int rpcap_doauth(SOCKET sockctrl, SSL *ssl, uint8 *ver, struct pcap_rmtau
"The server's minimum supported protocol version is greater than its maximum supported protocol version");
return -1;
}
if (has_byte_order)
{
their_byte_order_magic = authreply.byte_order_magic;
}
else
{
/*
* The server didn't tell us what its byte
* order is; assume it's ours.
*/
their_byte_order_magic = RPCAP_BYTE_ORDER_MAGIC;
}
}
else
{
/* No - it supports only version 0. */
authreply.minvers = 0;
authreply.maxvers = 0;
/*
* And it didn't tell us what its byte order is; assume
* it's ours.
*/
has_byte_order = 0;
their_byte_order_magic = RPCAP_BYTE_ORDER_MAGIC;
}
/*
@@ -2097,6 +2206,27 @@ static int rpcap_doauth(SOCKET sockctrl, SSL *ssl, uint8 *ver, struct pcap_rmtau
goto novers;
}
/*
* Is the server byte order the opposite of ours?
*/
if (their_byte_order_magic == RPCAP_BYTE_ORDER_MAGIC)
{
/* No, it's the same. */
*byte_swapped = 0;
}
else if (their_byte_order_magic == RPCAP_BYTE_ORDER_MAGIC_SWAPPED)
{
/* Yes, it's the opposite of ours. */
*byte_swapped = 1;
}
else
{
/* They sent us something bogus. */
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"The server did not send us a valid byte order value");
return -1;
}
*ver = ourvers;
return 0;
@@ -2129,8 +2259,8 @@ pcap_setnonblock_rpcap(pcap_t *p, int nonblock _U_)
static int
rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
int *activep, SOCKET *sockctrlp, uint8 *uses_sslp, SSL **sslp,
int rmt_flags, uint8 *protocol_versionp, char *host, char *port,
char *iface, char *errbuf)
int rmt_flags, uint8 *protocol_versionp, int *byte_swappedp,
char *host, char *port, char *iface, char *errbuf)
{
int type;
struct activehosts *activeconn; /* active connection, if there is one */
@@ -2180,6 +2310,7 @@ rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
*sockctrlp = activeconn->sockctrl;
*sslp = activeconn->ssl;
*protocol_versionp = activeconn->protocol_version;
*byte_swappedp = activeconn->byte_swapped;
}
else
{
@@ -2217,7 +2348,7 @@ rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
return -1;
}
if ((*sockctrlp = sock_open(addrinfo, SOCKOPEN_CLIENT, 0,
if ((*sockctrlp = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0,
errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
{
freeaddrinfo(addrinfo);
@@ -2246,8 +2377,8 @@ rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
#endif
}
if (rpcap_doauth(*sockctrlp, *sslp, protocol_versionp, auth,
errbuf) == -1)
if (rpcap_doauth(*sockctrlp, *sslp, protocol_versionp,
byte_swappedp, auth, errbuf) == -1)
{
#ifdef HAVE_OPENSSL
if (*sslp)
@@ -2313,6 +2444,7 @@ pcap_t *pcap_open_rpcap(const char *source, int snaplen, int flags, int read_tim
SOCKET sockctrl;
SSL *ssl = NULL;
uint8 protocol_version; /* negotiated protocol version */
int byte_swapped; /* server is known to be byte-swapped */
int active;
uint32 plen;
char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */
@@ -2358,8 +2490,8 @@ pcap_t *pcap_open_rpcap(const char *source, int snaplen, int flags, int read_tim
* Attempt to set up the session with the server.
*/
if (rpcap_setup_session(fp->opt.device, auth, &active, &sockctrl,
&pr->uses_ssl, &ssl, flags, &protocol_version, host, ctrlport,
iface, errbuf) == -1)
&pr->uses_ssl, &ssl, flags, &protocol_version, &byte_swapped,
host, ctrlport, iface, errbuf) == -1)
{
/* Session setup failed. */
pcap_close(fp);
@@ -2408,6 +2540,7 @@ pcap_t *pcap_open_rpcap(const char *source, int snaplen, int flags, int read_tim
pr->rmt_sockctrl = sockctrl;
pr->ctrl_ssl = ssl;
pr->protocol_version = protocol_version;
pr->byte_swapped = byte_swapped;
pr->rmt_clientside = 1;
/* This code is duplicated from the end of this function */
@@ -2479,6 +2612,7 @@ int
pcap_findalldevs_ex_remote(const char *source, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf)
{
uint8 protocol_version; /* protocol version */
int byte_swapped; /* Server byte order is swapped from ours */
SOCKET sockctrl; /* socket descriptor of the control connection */
SSL *ssl = NULL; /* optional SSL handler for sockctrl */
uint32 plen;
@@ -2500,7 +2634,8 @@ pcap_findalldevs_ex_remote(const char *source, struct pcap_rmtauth *auth, pcap_i
* Attempt to set up the session with the server.
*/
if (rpcap_setup_session(source, auth, &active, &sockctrl, &uses_ssl,
&ssl, 0, &protocol_version, host, port, NULL, errbuf) == -1)
&ssl, 0, &protocol_version, &byte_swapped, host, port, NULL,
errbuf) == -1)
{
/* Session setup failed. */
return -1;
@@ -2792,6 +2927,7 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
SOCKET sockctrl; /* keeps the main socket identifier */
SSL *ssl = NULL; /* Optional SSL handler for sockctrl */
uint8 protocol_version; /* negotiated protocol version */
int byte_swapped; /* 1 if server byte order is known to be the reverse of ours */
struct activehosts *temp, *prev; /* temp var needed to scan he host list chain */
*connectinghost = 0; /* just in case */
@@ -2825,7 +2961,7 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
}
if ((sockmain = sock_open(addrinfo, SOCKOPEN_SERVER, 1, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
if ((sockmain = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
{
freeaddrinfo(addrinfo);
return (SOCKET)-2;
@@ -2844,7 +2980,7 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
if (sockctrl == INVALID_SOCKET)
{
sock_geterror("accept()", errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(errbuf, PCAP_ERRBUF_SIZE, "accept() failed");
return (SOCKET)-2;
}
@@ -2868,7 +3004,8 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
/* Get the numeric for of the name of the connecting host */
if (getnameinfo((struct sockaddr *) &from, fromlen, connectinghost, RPCAP_HOSTLIST_SIZE, NULL, 0, NI_NUMERICHOST))
{
sock_geterror("getnameinfo()", errbuf, PCAP_ERRBUF_SIZE);
sock_geterrmsg(errbuf, PCAP_ERRBUF_SIZE,
"getnameinfo() failed");
rpcap_senderror(sockctrl, ssl, 0, PCAP_ERR_REMOTEACCEPT, errbuf, NULL);
#ifdef HAVE_OPENSSL
if (ssl)
@@ -2901,7 +3038,8 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
/*
* Send authentication to the remote machine.
*/
if (rpcap_doauth(sockctrl, ssl, &protocol_version, auth, errbuf) == -1)
if (rpcap_doauth(sockctrl, ssl, &protocol_version, &byte_swapped,
auth, errbuf) == -1)
{
/* Unrecoverable error. */
rpcap_senderror(sockctrl, ssl, 0, PCAP_ERR_REMOTEACCEPT, errbuf, NULL);
@@ -2966,6 +3104,7 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
temp->sockctrl = sockctrl;
temp->ssl = ssl;
temp->protocol_version = protocol_version;
temp->byte_swapped = byte_swapped;
temp->next = NULL;
return sockctrl;
@@ -2991,7 +3130,7 @@ int pcap_remoteact_close(const char *host, char *errbuf)
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
retval = sock_initaddress(host, "0", &hints, &addrinfo, errbuf,
retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
PCAP_ERRBUF_SIZE);
if (retval != 0)
{
@@ -3134,7 +3273,8 @@ int pcap_remoteact_list(char *hostlist, char sep, int size, char *errbuf)
/* if (getnameinfo( (struct sockaddr *) &temp->host, sizeof (struct sockaddr_storage), hoststr, */
/* RPCAP_HOSTLIST_SIZE, NULL, 0, NI_NUMERICHOST) ) */
{
/* sock_geterror("getnameinfo()", errbuf, PCAP_ERRBUF_SIZE); */
/* sock_geterrmsg(errbuf, PCAP_ERRBUF_SIZE, */
/* "getnameinfo() failed"); */
return -1;
}
@@ -3351,7 +3491,9 @@ static void rpcap_msg_err(SOCKET sockctrl, SSL *ssl, uint32 plen, char *remote_e
PCAP_ERRBUF_SIZE) == -1)
{
// Network error.
DIAG_OFF_FORMAT_TRUNCATION
snprintf(remote_errbuf, PCAP_ERRBUF_SIZE, "Read of error message from client failed: %s", errbuf);
DIAG_ON_FORMAT_TRUNCATION
return;
}
@@ -3386,7 +3528,9 @@ static void rpcap_msg_err(SOCKET sockctrl, SSL *ssl, uint32 plen, char *remote_e
PCAP_ERRBUF_SIZE) == -1)
{
// Network error.
DIAG_OFF_FORMAT_TRUNCATION
snprintf(remote_errbuf, PCAP_ERRBUF_SIZE, "Read of error message from client failed: %s", errbuf);
DIAG_ON_FORMAT_TRUNCATION
return;
}

4
libpcap/pcap-septel.c
View File

@@ -93,7 +93,7 @@ loop:
h = GCT_grab(id);
m = (MSG*)h;
/* a couter is added here to avoid an infinite loop
/* a counter is added here to avoid an infinite loop
* that will cause our capture program GUI to freeze while waiting
* for a packet*/
counter++ ;
@@ -105,7 +105,7 @@ loop:
t = h->type ;
/* catch only messages with type = 0xcf00 or 0x8f01 corrsponding to ss7 messages*/
/* catch only messages with type = 0xcf00 or 0x8f01 corresponding to ss7 messages*/
/* XXX = why not use API_MSG_TX_REQ for 0xcf00 and API_MSG_RX_IND
* for 0x8f01? */
if ((t != 0xcf00) && (t != 0x8f01)) {

6
libpcap/pcap-sita.c
View File

@@ -441,7 +441,7 @@ static char *translate_IOP_to_pcap_name(unit_t *u, char *IOPname, bpf_u_int32 if
iface->iftype = iftype; /* remember the interface type of this interface */
iface->IOPname = strdup(IOPnam); /* copy it and stick it into the structure */
iface->IOPname = strdup(IOPname); /* copy it and stick it into the structure */
if (iface->IOPname == NULL) { /* oops, we didn't get the memory requested */
fprintf(stderr, "Error...couldn't allocate memory for IOPname...value of errno is: %d\n", errno);
return NULL;
@@ -492,7 +492,7 @@ static char *translate_IOP_to_pcap_name(unit_t *u, char *IOPname, bpf_u_int32 if
u->iface = iface; /* stick this entry at the head of the list */
} else {
iface_ptr = u->iface;
while (iface_ptr->next) { /* othewise scan the list */
while (iface_ptr->next) { /* otherwise scan the list */
iface_ptr = iface_ptr->next; /* till we're at the last entry */
}
iface_ptr->next = iface; /* then tack this entry on the end of the list */
@@ -634,7 +634,7 @@ static int process_client_data (char *errbuf) { /* returns: -1 = error, 0
"malloc");
return -1;
}
memset((char *)addr, 0, sizeof(pcap_addr_t)); /* bzero() is deprecated, replaced with memset() */
memset((char *)addr, 0, sizeof(pcap_addr_t)); /* bzero() is deprecated, replaced with memset() */
if (iff->addresses == 0) iff->addresses = addr;
if (prev_addr) prev_addr->next = addr; /* insert a forward link */
if (*ptr) { /* if there is a count for the address */

22
libpcap/pcap-sita.html
View File

@@ -52,16 +52,16 @@ A { text-decoration:none }
<P>
<CENTER>
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
<TR><TH>Application</TH> <TH>Capture</TH> <TH>Termination</TH></TR>
<TR><TH VALIGN=TOP NOWRAP>wireshark</TH>
<TR><TH>Application</TH> <TH>Capture</TH> <TH>Termination</TH></TR>
<TR><TH VALIGN=TOP NOWRAP>wireshark</TH>
<TD VALIGN=TOP>pcap_dispatch(all packets in one buffer of capture only)</TD>
<TD VALIGN=TOP>pcap_breakloop()</TD>
</TR>
<TR><TH VALIGN=TOP NOWRAP>tshark</TH>
<TR><TH VALIGN=TOP NOWRAP>tshark</TH>
<TD VALIGN=TOP>pcap_dispatch(one buffer of capture only)</TD>
<TD VALIGN=TOP>Since a CTRL-C was used to terminate the application, pcap_breakloop() is never called.</TD>
</TR>
<TR><TH VALIGN=TOP NOWRAP>tcpdump</TH>
<TR><TH VALIGN=TOP NOWRAP>tcpdump</TH>
<TD VALIGN=TOP>pcap_loop(all packets in the next buffer, and loop forever)</TD>
<TD VALIGN=TOP>pcap_breakloop()</TD>
</TR>
@@ -771,13 +771,13 @@ A { text-decoration:none }
<P>
<TABLE>
<TR>
<TD STYLE="background-color: #c0FFc0">&nbsp;[Packet Header]&nbsp;</TD>
<TD STYLE="background-color: #c0FFc0">&nbsp;[Packet Data]&nbsp;</TD>
<TD STYLE="background-color: #c0c0FF">&nbsp;[Packet Header]&nbsp;</TD>
<TD STYLE="background-color: #c0c0FF">&nbsp;[Packet Data]&nbsp;</TD>
<TD STYLE="background-color: #e0c0c0">&nbsp;[Packet Header]&nbsp;</TD>
<TD STYLE="background-color: #e0c0c0">&nbsp;[Packet Data]&nbsp;</TD>
<TD>...</TD>
<TD STYLE="background-color: #c0FFc0">&nbsp;[Packet Header]&nbsp;</TD>
<TD STYLE="background-color: #c0FFc0">&nbsp;[Packet Data]&nbsp;</TD>
<TD STYLE="background-color: #c0c0FF">&nbsp;[Packet Header]&nbsp;</TD>
<TD STYLE="background-color: #c0c0FF">&nbsp;[Packet Data]&nbsp;</TD>
<TD STYLE="background-color: #e0c0c0">&nbsp;[Packet Header]&nbsp;</TD>
<TD STYLE="background-color: #e0c0c0">&nbsp;[Packet Data]&nbsp;</TD>
<TD>...</TD>
</TR>
</TABLE>

38
libpcap/pcap-snf.c
View File

@@ -9,6 +9,7 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <limits.h> /* for INT_MAX */
#ifndef _WIN32
#include <netinet/in.h>
@@ -139,9 +140,24 @@ snf_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
if (!p)
return -1;
/*
* This can conceivably process more than INT_MAX packets,
* which would overflow the packet count, causing it either
* to look like a negative number, and thus cause us to
* return a value that looks like an error, or overflow
* back into positive territory, and thus cause us to
* return a too-low count.
*
* Therefore, if the packet count is unlimited, we clip
* it at INT_MAX; this routine is not expected to
* process packets indefinitely, so that's not an issue.
*/
if (PACKET_COUNT_IS_UNLIMITED(cnt))
cnt = INT_MAX;
n = 0;
timeout = ps->snf_timeout;
while (n < cnt || PACKET_COUNT_IS_UNLIMITED(cnt)) {
while (n < cnt) {
/*
* Has "pcap_breakloop()" been called?
*/
@@ -387,7 +403,7 @@ snf_findalldevs(pcap_if_list_t *devlistp, char *errbuf)
* the port? If so, should we add them to the
* entry for the device, if they're not already in the
* list of IP addresses for the device?
*/
*/
(void)snprintf(desc,MAX_DESC_LENGTH,"Myricom %ssnf%d",
merge ? "Merge Bitmask Port " : "",
merge ? 1 << ifa->snf_ifa_portnum : ifa->snf_ifa_portnum);
@@ -436,14 +452,14 @@ snf_findalldevs(pcap_if_list_t *devlistp, char *errbuf)
*/
ret = inet_pton(AF_INET, dev->name, &addr.sin_addr);
if (ret == 1) {
/*
* Successful conversion of device name
* to IPv4 address.
*/
addr.sin_family = AF_INET;
if (add_addr_to_dev(dev, &addr, sizeof(addr),
NULL, 0, NULL, 0, NULL, 0, errbuf) == -1)
return -1;
/*
* Successful conversion of device name
* to IPv4 address.
*/
addr.sin_family = AF_INET;
if (add_addr_to_dev(dev, &addr, sizeof(addr),
NULL, 0, NULL, 0, NULL, 0, errbuf) == -1)
return -1;
} else if (ret == -1) {
/*
* Error.
@@ -459,7 +475,7 @@ snf_findalldevs(pcap_if_list_t *devlistp, char *errbuf)
snf_freeifaddrs(ifaddrs);
/*
* Create a snfX entry if port aggregation is enabled
*/
*/
if (merge) {
/*
* Add a new entry with all ports bitmask

15
libpcap/pcap-snit.c
View File

@@ -139,6 +139,9 @@ pcap_read_snit(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
/*
* loop through each snapshot in the chunk
*
* This assumes that a single buffer of packets will have
* <= INT_MAX packets, so the packet count doesn't overflow.
*/
n = 0;
ep = bp + cc;
@@ -331,12 +334,16 @@ pcap_activate_snit(pcap_t *p)
if (fd < 0 && errno == EACCES)
p->fd = fd = open(dev, O_RDONLY);
if (fd < 0) {
if (errno == EACCES)
if (errno == EACCES) {
err = PCAP_ERROR_PERM_DENIED;
else
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed with EACCES - root privileges may be required",
dev);
} else {
err = PCAP_ERROR;
pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE,
errno, "%s", dev);
pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE,
errno, "%s", dev);
}
goto bad;
}

4
libpcap/pcap-tc.c
View File

@@ -914,7 +914,7 @@ static int TcRead(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
return -1;
}
/* No underlaying filtering system. We need to filter on our own */
/* No underlying filtering system. We need to filter on our own */
if (p->fcode.bf_insns)
{
filterResult = pcap_filter(p->fcode.bf_insns, data, tcHeader.Length, tcHeader.CapturedLength);
@@ -1124,7 +1124,7 @@ TcSetMode(pcap_t *p, int mode)
{
if (mode != MODE_CAPT)
{
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Mode %u not supported by TurboCap devices. TurboCap only supports capture.", mode);
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Mode %d not supported by TurboCap devices. TurboCap only supports capture.", mode);
return -1;
}

130
libpcap/pcap-usb-linux-common.c Normal file
View File

@@ -0,0 +1,130 @@
/*
* Copyright (c) 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code distributions
* retain the above copyright notice and this paragraph in its entirety, (2)
* distributions including binary code include the above copyright notice and
* this paragraph in its entirety in the documentation or other materials
* provided with the distribution, and (3) all advertising materials mentioning
* features or use of this software display the following acknowledgement:
* ``This product includes software developed by the University of California,
* Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
* the University nor the names of its contributors may be used to endorse
* or promote products derived from this software without specific prior
* written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* pcap-usb-linux-common.c - common code for everything that needs to
* deal with Linux USB captures.
*/
#include "pcap/pcap.h"
#include "pcap/usb.h"
#include "pcap-usb-linux-common.h"
/*
* Compute, from the data provided by the Linux USB memory-mapped capture
* mechanism, the amount of packet data that would have been provided
* had the capture mechanism not chopped off any data at the end, if, in
* fact, it did so.
*
* Set the "unsliced length" field of the packet header to that value.
*/
void
fix_linux_usb_mmapped_length(struct pcap_pkthdr *pkth, const u_char *bp)
{
const pcap_usb_header_mmapped *hdr;
u_int bytes_left;
/*
* All callers of this routine must ensure that pkth->caplen is
* >= sizeof (pcap_usb_header_mmapped).
*/
bytes_left = pkth->caplen;
bytes_left -= sizeof (pcap_usb_header_mmapped);
hdr = (const pcap_usb_header_mmapped *) bp;
if (!hdr->data_flag && hdr->transfer_type == URB_ISOCHRONOUS &&
hdr->event_type == URB_COMPLETE &&
(hdr->endpoint_number & URB_TRANSFER_IN) &&
pkth->len == sizeof(pcap_usb_header_mmapped) +
(hdr->ndesc * sizeof (usb_isodesc)) + hdr->urb_len) {
usb_isodesc *descs;
u_int pre_truncation_data_len, pre_truncation_len;
descs = (usb_isodesc *) (bp + sizeof(pcap_usb_header_mmapped));
/*
* We have data (yes, data_flag is 0 if we *do* have data),
* and this is a "this is complete" incoming isochronous
* transfer event, and the length was calculated based
* on the URB length.
*
* That's not correct, because the data isn't contiguous,
* and the isochronous descriptos show how it's scattered.
*
* Find the end of the last chunk of data in the buffer
* referred to by the isochronous descriptors; that indicates
* how far into the buffer the data would have gone.
*
* Make sure we don't run past the end of the captured data
* while processing the isochronous descriptors.
*/
pre_truncation_data_len = 0;
for (uint32_t desc = 0;
desc < hdr->ndesc && bytes_left >= sizeof (usb_isodesc);
desc++, bytes_left -= sizeof (usb_isodesc)) {
u_int desc_end;
if (descs[desc].len != 0) {
desc_end = descs[desc].offset + descs[desc].len;
if (desc_end > pre_truncation_data_len)
pre_truncation_data_len = desc_end;
}
}
/*
* Now calculate the total length based on that data
* length.
*/
pre_truncation_len = sizeof(pcap_usb_header_mmapped) +
(hdr->ndesc * sizeof (usb_isodesc)) +
pre_truncation_data_len;
/*
* If that's greater than or equal to the captured length,
* use that as the length.
*/
if (pre_truncation_len >= pkth->caplen)
pkth->len = pre_truncation_len;
/*
* If the captured length is greater than the length,
* use the captured length.
*
* For completion events for incoming isochronous transfers,
* it's based on data_len, which is calculated the same way
* we calculated pre_truncation_data_len above, except that
* it has access to all the isochronous descriptors, not
* just the ones that the kernel were able to provide us or,
* for a capture file, that weren't sliced off by a snapshot
* length.
*
* However, it might have been reduced by the USB capture
* mechanism arbitrarily limiting the amount of data it
* provides to userland, or by the libpcap capture code
* limiting it to being no more than the snapshot, so
* we don't want to just use it all the time; we only
* do so to try to get a better estimate of the actual
* length - and to make sure the on-the-network length
* is always >= the captured length.
*/
if (pkth->caplen > pkth->len)
pkth->len = pkth->caplen;
}
}

26
libpcap/pcap-usb-linux-common.h Normal file
View File

@@ -0,0 +1,26 @@
/*
* Copyright (c) 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code distributions
* retain the above copyright notice and this paragraph in its entirety, (2)
* distributions including binary code include the above copyright notice and
* this paragraph in its entirety in the documentation or other materials
* provided with the distribution, and (3) all advertising materials mentioning
* features or use of this software display the following acknowledgement:
* ``This product includes software developed by the University of California,
* Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
* the University nor the names of its contributors may be used to endorse
* or promote products derived from this software without specific prior
* written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* pcap-usb-linux-common.h - common code for everything that needs to
* deal with Linux USB captures.
*/
extern void fix_linux_usb_mmapped_length(struct pcap_pkthdr *pkth,
const u_char *bp);

139
libpcap/pcap-usb-linux.c
View File

@@ -39,6 +39,7 @@
#include "pcap-int.h"
#include "pcap-usb-linux.h"
#include "pcap-usb-linux-common.h"
#include "pcap/usb.h"
#include "extract.h"
@@ -70,7 +71,12 @@
#include <linux/usbdevice_fs.h>
#endif /* HAVE_LINUX_USBDEVICE_FS_H */
#include "diag-control.h"
#define USB_IFACE "usbmon"
#define USBMON_DEV_PREFIX "usbmon"
#define USBMON_DEV_PREFIX_LEN (sizeof USBMON_DEV_PREFIX - 1)
#define USB_LINE_LEN 4096
#if __BYTE_ORDER == __LITTLE_ENDIAN
@@ -111,10 +117,10 @@ struct mon_bin_mfetch {
#define MON_IOCX_MFETCH _IOWR(MON_IOC_MAGIC, 7, struct mon_bin_mfetch)
#define MON_IOCH_MFLUSH _IO(MON_IOC_MAGIC, 8)
#define MON_BIN_SETUP 0x1 /* setup hdr is present*/
#define MON_BIN_SETUP_ZERO 0x2 /* setup buffer is not available */
#define MON_BIN_DATA_ZERO 0x4 /* data buffer is not available */
#define MON_BIN_ERROR 0x8
#define MON_BIN_SETUP 0x1 /* setup hdr is present*/
#define MON_BIN_SETUP_ZERO 0x2 /* setup buffer is not available */
#define MON_BIN_DATA_ZERO 0x4 /* data buffer is not available */
#define MON_BIN_ERROR 0x8
/*
* Private data for capturing on Linux USB.
@@ -173,9 +179,6 @@ usb_dev_add(pcap_if_list_t *devlistp, int n, char *err_str)
int
usb_findalldevs(pcap_if_list_t *devlistp, char *err_str)
{
char usb_mon_dir[PATH_MAX];
char *usb_mon_prefix;
size_t usb_mon_prefix_len;
struct dirent* data;
int ret = 0;
DIR* dir;
@@ -184,26 +187,10 @@ usb_findalldevs(pcap_if_list_t *devlistp, char *err_str)
/*
* We require 2.6.27 or later kernels, so we have binary-mode support.
* What do the device names look like?
* Split LINUX_USB_MON_DEV into a directory that we'll
* scan and a file name prefix that we'll check for.
* The devices are of the form /dev/usbmon{N}.
* Open /dev and scan it.
*/
pcap_strlcpy(usb_mon_dir, LINUX_USB_MON_DEV, sizeof usb_mon_dir);
usb_mon_prefix = strrchr(usb_mon_dir, '/');
if (usb_mon_prefix == NULL) {
/*
* This "shouldn't happen". Just give up if it
* does.
*/
return 0;
}
*usb_mon_prefix++ = '\0';
usb_mon_prefix_len = strlen(usb_mon_prefix);
/*
* Open the directory and scan it.
*/
dir = opendir(usb_mon_dir);
dir = opendir("/dev");
if (dir != NULL) {
while ((ret == 0) && ((data = readdir(dir)) != 0)) {
name = data->d_name;
@@ -211,13 +198,14 @@ usb_findalldevs(pcap_if_list_t *devlistp, char *err_str)
/*
* Is this a usbmon device?
*/
if (strncmp(name, usb_mon_prefix, usb_mon_prefix_len) != 0)
if (strncmp(name, USBMON_DEV_PREFIX,
USBMON_DEV_PREFIX_LEN) != 0)
continue; /* no */
/*
* What's the device number?
*/
if (sscanf(&name[usb_mon_prefix_len], "%d", &n) == 0)
if (sscanf(&name[USBMON_DEV_PREFIX_LEN], "%d", &n) == 0)
continue; /* failed */
ret = usb_dev_add(devlistp, n, err_str);
@@ -385,13 +373,13 @@ probe_devices(int bus)
ctrl.bRequest = USB_REQ_GET_DESCRIPTOR;
ctrl.wValue = USB_DT_DEVICE << 8;
ctrl.wIndex = 0;
ctrl.wLength = sizeof(descriptor);
ctrl.wLength = sizeof(descriptor);
#else
ctrl.requesttype = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE;
ctrl.request = USB_REQ_GET_DESCRIPTOR;
ctrl.value = USB_DT_DEVICE << 8;
ctrl.index = 0;
ctrl.length = sizeof(descriptor);
ctrl.length = sizeof(descriptor);
#endif
ctrl.data = descriptor;
ctrl.timeout = CTRL_TIMEOUT;
@@ -475,7 +463,7 @@ static int
usb_activate(pcap_t* handle)
{
struct pcap_usb_linux *handlep = handle->priv;
char full_path[USB_LINE_LEN];
char full_path[USB_LINE_LEN];
/*
* Turn a negative snapshot value (invalid), a snapshot value of
@@ -512,7 +500,8 @@ usb_activate(pcap_t* handle)
* We require 2.6.27 or later kernels, so we have binary-mode support.
* Try to open the binary interface.
*/
snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handlep->bus_index);
snprintf(full_path, USB_LINE_LEN, "/dev/"USBMON_DEV_PREFIX"%d",
handlep->bus_index);
handle->fd = open(full_path, O_RDONLY, 0);
if (handle->fd < 0)
{
@@ -532,13 +521,23 @@ usb_activate(pcap_t* handle)
* doesn't exist (no "scan all buses"
* device if the bus index is 0, no
* such bus if the bus index isn't 0).
*
* For now, don't provide an error message;
* if we can determine what the particular
* problem is, we should report that.
*/
handle->errbuf[0] = '\0';
return PCAP_ERROR_NO_SUCH_DEVICE;
case EACCES:
/*
* We didn't have permission to open it.
*/
DIAG_OFF_FORMAT_TRUNCATION
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
"Attempt to open %s failed with EACCES - root privileges may be required",
full_path);
DIAG_ON_FORMAT_TRUNCATION
return PCAP_ERROR_PERM_DENIED;
default:
@@ -758,6 +757,7 @@ usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_ch
struct mon_bin_mfetch fetch;
int32_t vec[VEC_SIZE];
struct pcap_pkthdr pkth;
u_char *bp;
pcap_usb_header_mmapped* hdr;
int nflush = 0;
int packets = 0;
@@ -767,13 +767,40 @@ usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_ch
for (;;) {
int i, ret;
int limit = max_packets - packets;
if (limit <= 0)
limit = VEC_SIZE;
if (limit > VEC_SIZE)
limit = VEC_SIZE;
int limit;
/* try to fetch as many events as possible*/
if (PACKET_COUNT_IS_UNLIMITED(max_packets)) {
/*
* There's no limit on the number of packets
* to process, so try to fetch VEC_SIZE packets.
*/
limit = VEC_SIZE;
} else {
/*
* Try to fetch as many packets as we have left
* to process, or VEC_SIZE packets, whichever
* is less.
*
* At this point, max_packets > 0 (otherwise,
* PACKET_COUNT_IS_UNLIMITED(max_packets)
* would be true) and max_packets > packets
* (packet starts out as 0, and the test
* at the bottom of the loop exits if
* max_packets <= packets), so limit is
* guaranteed to be > 0.
*/
limit = max_packets - packets;
if (limit > VEC_SIZE)
limit = VEC_SIZE;
}
/*
* Try to fetch as many events as possible, up to
* the limit, and flush the events we've processed
* earlier (nflush) - MON_IOCX_MFETCH does both
* (presumably to reduce the number of system
* calls in loops like this).
*/
fetch.offvec = vec;
fetch.nfetch = limit;
fetch.nflush = nflush;
@@ -800,8 +827,27 @@ usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_ch
/* keep track of processed events, we will flush them later */
nflush = fetch.nfetch;
for (i=0; i<fetch.nfetch; ++i) {
/*
* XXX - we can't check break_loop here, as
* we read the indices of packets into a
* local variable, so if we're later called
* to fetch more packets, those packets will
* not be seen - and won't be flushed, either.
*
* Instead, we would have to keep the array
* of indices in our private data, along
* with the count of packets to flush - or
* would have to flush the already-processed
* packets if we break out of the loop here.
*/
/* Get a pointer to this packet's buffer */
bp = &handlep->mmapbuf[vec[i]];
/* That begins with a metadata header */
hdr = (pcap_usb_header_mmapped*) bp;
/* discard filler */
hdr = (pcap_usb_header_mmapped*) &handlep->mmapbuf[vec[i]];
if (hdr->event_type == '@')
continue;
@@ -846,6 +892,13 @@ usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_ch
*/
pkth.len = sizeof(pcap_usb_header_mmapped) +
(hdr->ndesc * sizeof (usb_isodesc)) + hdr->urb_len;
/*
* Now clean it up if it's a completion
* event for an incoming isochronous
* transfer.
*/
fix_linux_usb_mmapped_length(&pkth, bp);
}
pkth.ts.tv_sec = (time_t)hdr->ts_sec;
pkth.ts.tv_usec = hdr->ts_usec;
@@ -859,8 +912,12 @@ usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_ch
}
}
/* with max_packets specifying "unlimited" we stop after the first chunk*/
if (PACKET_COUNT_IS_UNLIMITED(max_packets) || (packets == max_packets))
/*
* If max_packets specifiesg "unlimited", we stop after
* the first chunk.
*/
if (PACKET_COUNT_IS_UNLIMITED(max_packets) ||
(packets >= max_packets))
break;
}

474
libpcap/pcap-util.c Normal file
View File

@@ -0,0 +1,474 @@
/*
* Copyright (c) 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code distributions
* retain the above copyright notice and this paragraph in its entirety, (2)
* distributions including binary code include the above copyright notice and
* this paragraph in its entirety in the documentation or other materials
* provided with the distribution, and (3) all advertising materials mentioning
* features or use of this software display the following acknowledgement:
* ``This product includes software developed by the University of California,
* Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
* the University nor the names of its contributors may be used to endorse
* or promote products derived from this software without specific prior
* written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* pcap-common.c - common code for pcap and pcapng files
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <pcap-types.h>
#include "pcap-int.h"
#include "extract.h"
#include "pcap-usb-linux-common.h"
#include "pcap-util.h"
#include "pflog.h"
#include "pcap/can_socketcan.h"
#include "pcap/sll.h"
#include "pcap/usb.h"
#include "pcap/nflog.h"
/*
* Most versions of the DLT_PFLOG pseudo-header have UID and PID fields
* that are saved in host byte order.
*
* When reading a DLT_PFLOG packet, we need to convert those fields from
* the byte order of the host that wrote the file to this host's byte
* order.
*/
static void
swap_pflog_header(const struct pcap_pkthdr *hdr, u_char *buf)
{
u_int caplen = hdr->caplen;
u_int length = hdr->len;
u_int pfloghdr_length;
struct pfloghdr *pflhdr = (struct pfloghdr *)buf;
if (caplen < (u_int) (offsetof(struct pfloghdr, uid) + sizeof pflhdr->uid) ||
length < (u_int) (offsetof(struct pfloghdr, uid) + sizeof pflhdr->uid)) {
/* Not enough data to have the uid field */
return;
}
pfloghdr_length = pflhdr->length;
if (pfloghdr_length < (u_int) (offsetof(struct pfloghdr, uid) + sizeof pflhdr->uid)) {
/* Header doesn't include uid field */
return;
}
pflhdr->uid = SWAPLONG(pflhdr->uid);
if (caplen < (u_int) (offsetof(struct pfloghdr, pid) + sizeof pflhdr->pid) ||
length < (u_int) (offsetof(struct pfloghdr, pid) + sizeof pflhdr->pid)) {
/* Not enough data to have the pid field */
return;
}
if (pfloghdr_length < (u_int) (offsetof(struct pfloghdr, pid) + sizeof pflhdr->pid)) {
/* Header doesn't include pid field */
return;
}
pflhdr->pid = SWAPLONG(pflhdr->pid);
if (caplen < (u_int) (offsetof(struct pfloghdr, rule_uid) + sizeof pflhdr->rule_uid) ||
length < (u_int) (offsetof(struct pfloghdr, rule_uid) + sizeof pflhdr->rule_uid)) {
/* Not enough data to have the rule_uid field */
return;
}
if (pfloghdr_length < (u_int) (offsetof(struct pfloghdr, rule_uid) + sizeof pflhdr->rule_uid)) {
/* Header doesn't include rule_uid field */
return;
}
pflhdr->rule_uid = SWAPLONG(pflhdr->rule_uid);
if (caplen < (u_int) (offsetof(struct pfloghdr, rule_pid) + sizeof pflhdr->rule_pid) ||
length < (u_int) (offsetof(struct pfloghdr, rule_pid) + sizeof pflhdr->rule_pid)) {
/* Not enough data to have the rule_pid field */
return;
}
if (pfloghdr_length < (u_int) (offsetof(struct pfloghdr, rule_pid) + sizeof pflhdr->rule_pid)) {
/* Header doesn't include rule_pid field */
return;
}
pflhdr->rule_pid = SWAPLONG(pflhdr->rule_pid);
}
/*
* DLT_LINUX_SLL packets with a protocol type of LINUX_SLL_P_CAN or
* LINUX_SLL_P_CANFD have SocketCAN headers in front of the payload,
* with the CAN ID being in host byte order.
*
* When reading a DLT_LINUX_SLL packet, we need to check for those
* packets and convert the CAN ID from the byte order of the host that
* wrote the file to this host's byte order.
*/
static void
swap_linux_sll_header(const struct pcap_pkthdr *hdr, u_char *buf)
{
u_int caplen = hdr->caplen;
u_int length = hdr->len;
struct sll_header *shdr = (struct sll_header *)buf;
uint16_t protocol;
pcap_can_socketcan_hdr *chdr;
if (caplen < (u_int) sizeof(struct sll_header) ||
length < (u_int) sizeof(struct sll_header)) {
/* Not enough data to have the protocol field */
return;
}
protocol = EXTRACT_BE_U_2(&shdr->sll_protocol);
if (protocol != LINUX_SLL_P_CAN && protocol != LINUX_SLL_P_CANFD)
return;
/*
* SocketCAN packet; fix up the packet's header.
*/
chdr = (pcap_can_socketcan_hdr *)(buf + sizeof(struct sll_header));
if (caplen < (u_int) sizeof(struct sll_header) + sizeof(chdr->can_id) ||
length < (u_int) sizeof(struct sll_header) + sizeof(chdr->can_id)) {
/* Not enough data to have the CAN ID */
return;
}
chdr->can_id = SWAPLONG(chdr->can_id);
}
/*
* The same applies for DLT_LINUX_SLL2.
*/
static void
swap_linux_sll2_header(const struct pcap_pkthdr *hdr, u_char *buf)
{
u_int caplen = hdr->caplen;
u_int length = hdr->len;
struct sll2_header *shdr = (struct sll2_header *)buf;
uint16_t protocol;
pcap_can_socketcan_hdr *chdr;
if (caplen < (u_int) sizeof(struct sll2_header) ||
length < (u_int) sizeof(struct sll2_header)) {
/* Not enough data to have the protocol field */
return;
}
protocol = EXTRACT_BE_U_2(&shdr->sll2_protocol);
if (protocol != LINUX_SLL_P_CAN && protocol != LINUX_SLL_P_CANFD)
return;
/*
* SocketCAN packet; fix up the packet's header.
*/
chdr = (pcap_can_socketcan_hdr *)(buf + sizeof(struct sll2_header));
if (caplen < (u_int) sizeof(struct sll2_header) + sizeof(chdr->can_id) ||
length < (u_int) sizeof(struct sll2_header) + sizeof(chdr->can_id)) {
/* Not enough data to have the CAN ID */
return;
}
chdr->can_id = SWAPLONG(chdr->can_id);
}
/*
* The DLT_USB_LINUX and DLT_USB_LINUX_MMAPPED headers are in host
* byte order when capturing (it's supplied directly from a
* memory-mapped buffer shared by the kernel).
*
* When reading a DLT_USB_LINUX or DLT_USB_LINUX_MMAPPED packet, we
* need to convert it from the byte order of the host that wrote the
* file to this host's byte order.
*/
static void
swap_linux_usb_header(const struct pcap_pkthdr *hdr, u_char *buf,
int header_len_64_bytes)
{
pcap_usb_header_mmapped *uhdr = (pcap_usb_header_mmapped *)buf;
bpf_u_int32 offset = 0;
/*
* "offset" is the offset *past* the field we're swapping;
* we skip the field *before* checking to make sure
* the captured data length includes the entire field.
*/
/*
* The URB id is a totally opaque value; do we really need to
* convert it to the reading host's byte order???
*/
offset += 8; /* skip past id */
if (hdr->caplen < offset)
return;
uhdr->id = SWAPLL(uhdr->id);
offset += 4; /* skip past various 1-byte fields */
offset += 2; /* skip past bus_id */
if (hdr->caplen < offset)
return;
uhdr->bus_id = SWAPSHORT(uhdr->bus_id);
offset += 2; /* skip past various 1-byte fields */
offset += 8; /* skip past ts_sec */
if (hdr->caplen < offset)
return;
uhdr->ts_sec = SWAPLL(uhdr->ts_sec);
offset += 4; /* skip past ts_usec */
if (hdr->caplen < offset)
return;
uhdr->ts_usec = SWAPLONG(uhdr->ts_usec);
offset += 4; /* skip past status */
if (hdr->caplen < offset)
return;
uhdr->status = SWAPLONG(uhdr->status);
offset += 4; /* skip past urb_len */
if (hdr->caplen < offset)
return;
uhdr->urb_len = SWAPLONG(uhdr->urb_len);
offset += 4; /* skip past data_len */
if (hdr->caplen < offset)
return;
uhdr->data_len = SWAPLONG(uhdr->data_len);
if (uhdr->transfer_type == URB_ISOCHRONOUS) {
offset += 4; /* skip past s.iso.error_count */
if (hdr->caplen < offset)
return;
uhdr->s.iso.error_count = SWAPLONG(uhdr->s.iso.error_count);
offset += 4; /* skip past s.iso.numdesc */
if (hdr->caplen < offset)
return;
uhdr->s.iso.numdesc = SWAPLONG(uhdr->s.iso.numdesc);
} else
offset += 8; /* skip USB setup header */
/*
* With the old header, there are no isochronous descriptors
* after the header.
*
* With the new header, the actual number of descriptors in
* the header is not s.iso.numdesc, it's ndesc - only the
* first N descriptors, for some value of N, are put into
* the header, and ndesc is set to the actual number copied.
* In addition, if s.iso.numdesc is negative, no descriptors
* are captured, and ndesc is set to 0.
*/
if (header_len_64_bytes) {
/*
* This is either the "version 1" header, with
* 16 bytes of additional fields at the end, or
* a "version 0" header from a memory-mapped
* capture, with 16 bytes of zeroed-out padding
* at the end. Byte swap them as if this were
* a "version 1" header.
*/
offset += 4; /* skip past interval */
if (hdr->caplen < offset)
return;
uhdr->interval = SWAPLONG(uhdr->interval);
offset += 4; /* skip past start_frame */
if (hdr->caplen < offset)
return;
uhdr->start_frame = SWAPLONG(uhdr->start_frame);
offset += 4; /* skip past xfer_flags */
if (hdr->caplen < offset)
return;
uhdr->xfer_flags = SWAPLONG(uhdr->xfer_flags);
offset += 4; /* skip past ndesc */
if (hdr->caplen < offset)
return;
uhdr->ndesc = SWAPLONG(uhdr->ndesc);
if (uhdr->transfer_type == URB_ISOCHRONOUS) {
/* swap the values in struct linux_usb_isodesc */
usb_isodesc *pisodesc;
uint32_t i;
pisodesc = (usb_isodesc *)(void *)(buf+offset);
for (i = 0; i < uhdr->ndesc; i++) {
offset += 4; /* skip past status */
if (hdr->caplen < offset)
return;
pisodesc->status = SWAPLONG(pisodesc->status);
offset += 4; /* skip past offset */
if (hdr->caplen < offset)
return;
pisodesc->offset = SWAPLONG(pisodesc->offset);
offset += 4; /* skip past len */
if (hdr->caplen < offset)
return;
pisodesc->len = SWAPLONG(pisodesc->len);
offset += 4; /* skip past padding */
pisodesc++;
}
}
}
}
/*
* The DLT_NFLOG "packets" have a mixture of big-endian and host-byte-order
* data. They begin with a fixed-length header with big-endian fields,
* followed by a set of TLVs, where the type and length are in host
* byte order but the values are either big-endian or are a raw byte
* sequence that's the same regardless of the host's byte order.
*
* When reading a DLT_NFLOG packet, we need to convert the type and
* length values from the byte order of the host that wrote the file
* to the byte order of this host.
*/
static void
swap_nflog_header(const struct pcap_pkthdr *hdr, u_char *buf)
{
u_char *p = buf;
nflog_hdr_t *nfhdr = (nflog_hdr_t *)buf;
nflog_tlv_t *tlv;
u_int caplen = hdr->caplen;
u_int length = hdr->len;
uint16_t size;
if (caplen < (u_int) sizeof(nflog_hdr_t) ||
length < (u_int) sizeof(nflog_hdr_t)) {
/* Not enough data to have any TLVs. */
return;
}
if (nfhdr->nflog_version != 0) {
/* Unknown NFLOG version */
return;
}
length -= sizeof(nflog_hdr_t);
caplen -= sizeof(nflog_hdr_t);
p += sizeof(nflog_hdr_t);
while (caplen >= sizeof(nflog_tlv_t)) {
tlv = (nflog_tlv_t *) p;
/* Swap the type and length. */
tlv->tlv_type = SWAPSHORT(tlv->tlv_type);
tlv->tlv_length = SWAPSHORT(tlv->tlv_length);
/* Get the length of the TLV. */
size = tlv->tlv_length;
if (size % 4 != 0)
size += 4 - size % 4;
/* Is the TLV's length less than the minimum? */
if (size < sizeof(nflog_tlv_t)) {
/* Yes. Give up now. */
return;
}
/* Do we have enough data for the full TLV? */
if (caplen < size || length < size) {
/* No. */
return;
}
/* Skip over the TLV. */
length -= size;
caplen -= size;
p += size;
}
}
static void
swap_pseudo_headers(int linktype, struct pcap_pkthdr *hdr, u_char *data)
{
/*
* Convert pseudo-headers from the byte order of
* the host on which the file was saved to our
* byte order, as necessary.
*/
switch (linktype) {
case DLT_PFLOG:
swap_pflog_header(hdr, data);
break;
case DLT_LINUX_SLL:
swap_linux_sll_header(hdr, data);
break;
case DLT_LINUX_SLL2:
swap_linux_sll2_header(hdr, data);
break;
case DLT_USB_LINUX:
swap_linux_usb_header(hdr, data, 0);
break;
case DLT_USB_LINUX_MMAPPED:
swap_linux_usb_header(hdr, data, 1);
break;
case DLT_NFLOG:
swap_nflog_header(hdr, data);
break;
}
}
void
pcap_post_process(int linktype, int swapped, struct pcap_pkthdr *hdr,
u_char *data)
{
if (swapped)
swap_pseudo_headers(linktype, hdr, data);
fixup_pcap_pkthdr(linktype, hdr, data);
}
void
fixup_pcap_pkthdr(int linktype, struct pcap_pkthdr *hdr, const u_char *data)
{
const pcap_usb_header_mmapped *usb_hdr;
usb_hdr = (const pcap_usb_header_mmapped *) data;
if (linktype == DLT_USB_LINUX_MMAPPED &&
hdr->caplen >= sizeof (pcap_usb_header_mmapped)) {
/*
* In older versions of libpcap, in memory-mapped captures,
* the "on-the-bus length" for completion events for
* incoming isochronous transfers was miscalculated; it
* needed to be calculated based on the* offsets and lengths
* in the descriptors, not on the raw URB length, but it
* wasn't.
*
* If this packet contains transferred data (yes, data_flag
* is 0 if we *do* have data), and the total on-the-network
* length is equal to the value calculated from the raw URB
* length, then it might be one of those transfers.
*
* We only do this if we have the full USB pseudo-header.
*/
if (!usb_hdr->data_flag &&
hdr->len == sizeof(pcap_usb_header_mmapped) +
(usb_hdr->ndesc * sizeof (usb_isodesc)) + usb_hdr->urb_len) {
/*
* It might need fixing; fix it if it's a completion
* event for an incoming isochronous transfer.
*/
fix_linux_usb_mmapped_length(hdr, data);
}
}
}

55
libpcap/pcap-util.h Normal file
View File

@@ -0,0 +1,55 @@
/*
* Copyright (c) 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that: (1) source code distributions
* retain the above copyright notice and this paragraph in its entirety, (2)
* distributions including binary code include the above copyright notice and
* this paragraph in its entirety in the documentation or other materials
* provided with the distribution, and (3) all advertising materials mentioning
* features or use of this software display the following acknowledgement:
* ``This product includes software developed by the University of California,
* Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
* the University nor the names of its contributors may be used to endorse
* or promote products derived from this software without specific prior
* written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* pcap-util.h - common code for various files
*/
/*
* We use the "receiver-makes-right" approach to byte order;
* because time is at a premium when we are writing the file.
* In other words, the pcap_file_header and pcap_pkthdr,
* records are written in host byte order.
* Note that the bytes of packet data are written out in the order in
* which they were received, so multi-byte fields in packets are not
* written in host byte order, they're written in whatever order the
* sending machine put them in.
*
* We also use this for fixing up packet data headers from a remote
* capture, where the server may have a different byte order from the
* client.
*
* ntoh[ls] aren't sufficient because we might need to swap on a big-endian
* machine (if the file was written in little-end order).
*/
#define SWAPLONG(y) \
(((((u_int)(y))&0xff)<<24) | \
((((u_int)(y))&0xff00)<<8) | \
((((u_int)(y))&0xff0000)>>8) | \
((((u_int)(y))>>24)&0xff))
#define SWAPSHORT(y) \
((u_short)(((((u_int)(y))&0xff)<<8) | \
((((u_int)(y))&0xff00)>>8)))
extern void pcap_post_process(int linktype, int swapped,
struct pcap_pkthdr *hdr, u_char *data);
extern void fixup_pcap_pkthdr(int linktype, struct pcap_pkthdr *hdr,
const u_char *data);

28
libpcap/pcap.3pcap.in
View File

@@ -272,7 +272,7 @@ On some platforms, the time stamp given to packets on live captures can
come from different sources that can have different resolutions or that
can have different relationships to the time values for the current time
supplied by routines on the native operating system. See
.BR pcap-tstamp (@MAN_MISC_INFO@)
.BR \%pcap-tstamp (@MAN_MISC_INFO@)
for a list of time stamp types.
.IP
The time stamp type is set with
@@ -720,7 +720,7 @@ periodically for packets; in that case,
will return a pointer to a
.B struct timeval
whose value can be used as a timeout in those routines. When the
routine returns, an attmept should be made to read packets from the
routine returns, an attempt should be made to read packets from the
device. If
.BR pcap_get_required_select_timeout ()
returns
@@ -784,17 +784,17 @@ get the state of non-blocking mode for a
attempt to get a descriptor for a
.B pcap_t
that can be used in calls such as
.BR select (2)
.BR select ()
and
.BR poll (2)
.BR poll ()
.TP
.BR pcap_get_required_select_timeout (3PCAP)
attempt to get a timeout required for using a
.B pcap_t
in calls such as
.BR select (2)
.BR select ()
and
.BR poll (2)
.BR poll ()
.RE
.SS Filters
In order to cause only certain packets to be returned when reading
@@ -804,7 +804,7 @@ copying ``uninteresting'' packets from the kernel to user mode.
.PP
A filter can be specified as a text string; the syntax and semantics of
the string are as described by
.BR pcap-filter (@MAN_MISC_INFO@).
.BR \%pcap-filter (@MAN_MISC_INFO@).
A filter string is compiled into a program in a pseudo-machine-language
by
.BR pcap_compile ()
@@ -894,13 +894,19 @@ call
.BR pcap_dump_open (3PCAP)
open a
.B pcap_dumper_t
for a ``savefile``, given a pathname
for a ``savefile``, given a pathname, replacing any existing data
.TP
.BR pcap_dump_open_append (3PCAP)
open a
.B pcap_dumper_t
for a ``savefile``, given a pathname, appending to the existing data
.TP
.BR pcap_dump_fopen (3PCAP)
open a
.B pcap_dumper_t
for a ``savefile``, given a
.B "FILE\ *"
.BR "FILE\ *" ,
assuming an empty file
.TP
.BR pcap_dump_close (3PCAP)
close a
@@ -1027,7 +1033,7 @@ script or some other configuration script to check whether the libpcap
.BR autoconf (1),
.BR tcpdump (1),
.BR tcpslice (1),
.BR pcap-filter (@MAN_MISC_INFO@),
.BR \%pcap-filter (@MAN_MISC_INFO@),
.BR pfconfig (8),
.BR usermod (@MAN_ADMIN_COMMANDS@)
.SH AUTHORS
@@ -1044,7 +1050,7 @@ The current version is available from "The Tcpdump Group"'s Web site at
.I https://www.tcpdump.org/
.RE
.SH BUGS
To report a security issue please send an e-mail to security@tcpdump.org.
To report a security issue please send an e-mail to \%security@tcpdump.org.
.LP
To report bugs and other problems, contribute patches, request a
feature, provide generic feedback etc please see the file

104
libpcap/pcap.c
View File

@@ -131,8 +131,6 @@ struct rtentry; /* declarations in <net/if.h> */
#ifdef _WIN32
/*
* DllMain(), required when built as a Windows DLL.
*
* To quote the WSAStartup() documentation:
*
* The WSAStartup function typically leads to protocol-specific helper
@@ -147,19 +145,12 @@ struct rtentry; /* declarations in <net/if.h> */
* be called from the DllMain function in a application DLL. This can
* potentially cause deadlocks.
*
* So we don't initialize Winsock here. pcap_init() should be called
* to initialize pcap on both UN*X and Windows; it will initialize
* Winsock on Windows. (It will also be initialized as needed if
* pcap_init() hasn't been called.)
* So we don't initialize Winsock in a DllMain() routine.
*
* pcap_init() should be called to initialize pcap on both UN*X and
* Windows; it will initialize Winsock on Windows. (It will also be
* initialized as needed if pcap_init() hasn't been called.)
*/
BOOL WINAPI DllMain(
HANDLE hinstDLL _U_,
DWORD dwReason _U_,
LPVOID lpvReserved _U_
)
{
return (TRUE);
}
/*
* Start Winsock.
@@ -259,7 +250,7 @@ pcap_init(unsigned int opts, char *errbuf)
if (pcap_utf_8_mode) {
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Multiple pcap_init calls with different character encodings");
return (-1);
return (PCAP_ERROR);
}
}
break;
@@ -270,7 +261,7 @@ pcap_init(unsigned int opts, char *errbuf)
if (!pcap_utf_8_mode) {
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"Multiple pcap_init calls with different character encodings");
return (-1);
return (PCAP_ERROR);
}
}
pcap_utf_8_mode = 1;
@@ -278,7 +269,7 @@ pcap_init(unsigned int opts, char *errbuf)
default:
snprintf(errbuf, PCAP_ERRBUF_SIZE, "Unknown options specified");
return (-1);
return (PCAP_ERROR);
}
/*
@@ -303,7 +294,7 @@ pcap_init(unsigned int opts, char *errbuf)
*/
if (internal_wsockinit(errbuf) == -1) {
/* Failed. */
return (-1);
return (PCAP_ERROR);
}
#endif
@@ -622,7 +613,9 @@ pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header,
* Return codes for pcap_offline_read() are:
* - 0: EOF
* - -1: error
* - >1: OK
* - >0: OK - result is number of packets read, so
* it will be 1 in this case, as we've passed
* a maximum packet count of 1
* The first one ('0') conflicts with the return code of
* 0 from pcap_read() meaning "no packets arrived before
* the timeout expired", so we map it to -2 so you can
@@ -641,7 +634,9 @@ pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header,
* - 0: timeout
* - -1: error
* - -2: loop was broken out of with pcap_breakloop()
* - >1: OK
* - >0: OK, result is number of packets captured, so
* it will be 1 in this case, as we've passed
* a maximum packet count of 1
* The first one ('0') conflicts with the return code of 0 from
* pcap_offline_read() meaning "end of file".
*/
@@ -2849,17 +2844,41 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms, char *er
goto fail;
return (p);
fail:
if (status == PCAP_ERROR)
if (status == PCAP_ERROR) {
/*
* Another buffer is a bit cumbersome, but it avoids
* -Wformat-truncation.
*/
char trimbuf[PCAP_ERRBUF_SIZE - 5]; /* 2 bytes shorter */
pcap_strlcpy(trimbuf, p->errbuf, sizeof(trimbuf));
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %.*s", device,
PCAP_ERRBUF_SIZE - 3, p->errbuf);
else if (status == PCAP_ERROR_NO_SUCH_DEVICE ||
PCAP_ERRBUF_SIZE - 3, trimbuf);
} else if (status == PCAP_ERROR_NO_SUCH_DEVICE ||
status == PCAP_ERROR_PERM_DENIED ||
status == PCAP_ERROR_PROMISC_PERM_DENIED)
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s (%.*s)", device,
pcap_statustostr(status), PCAP_ERRBUF_SIZE - 6, p->errbuf);
else
status == PCAP_ERROR_PROMISC_PERM_DENIED) {
/*
* Only show the additional message if it's not
* empty.
*/
if (p->errbuf[0] != '\0') {
/*
* Idem.
*/
char trimbuf[PCAP_ERRBUF_SIZE - 8]; /* 2 bytes shorter */
pcap_strlcpy(trimbuf, p->errbuf, sizeof(trimbuf));
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s (%.*s)",
device, pcap_statustostr(status),
PCAP_ERRBUF_SIZE - 6, trimbuf);
} else {
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s",
device, pcap_statustostr(status));
}
} else {
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", device,
pcap_statustostr(status));
}
pcap_close(p);
return (NULL);
}
@@ -3350,7 +3369,7 @@ pcap_datalink_val_to_description_or_dlt(int dlt)
if (description != NULL) {
return description;
} else {
(void)snprintf(unkbuf, sizeof(unkbuf), "DLT %u", dlt);
(void)snprintf(unkbuf, sizeof(unkbuf), "DLT %d", dlt);
return unkbuf;
}
}
@@ -3461,14 +3480,14 @@ pcap_fileno(pcap_t *p)
/*
* This is a bogus and now-deprecated API; we
* squelch the narrowing warning for the cast
* from HANDLE to DWORD. If Windows programmmers
* from HANDLE to intptr_t. If Windows programmmers
* need to get at the HANDLE for a pcap_t, *if*
* there is one, they should request such a
* routine (and be prepared for it to return
* INVALID_HANDLE_VALUE).
*/
DIAG_OFF_NARROWING
return ((int)(DWORD)p->handle);
return ((int)(intptr_t)p->handle);
DIAG_ON_NARROWING
} else
return (PCAP_ERROR);
@@ -3644,7 +3663,7 @@ pcap_statustostr(int errnum)
return ("That operation is supported only in monitor mode");
case PCAP_ERROR_PERM_DENIED:
return ("You don't have permission to capture on that device");
return ("You don't have permission to perform this capture on that device");
case PCAP_ERROR_IFACE_NOT_UP:
return ("That device is not up");
@@ -3986,6 +4005,10 @@ pcap_breakloop_common(pcap_t *p)
void
pcap_cleanup_live_common(pcap_t *p)
{
if (p->opt.device != NULL) {
free(p->opt.device);
p->opt.device = NULL;
}
if (p->buffer != NULL) {
free(p->buffer);
p->buffer = NULL;
@@ -4064,14 +4087,12 @@ pcap_inject(pcap_t *p, const void *buf, size_t size)
void
pcap_close(pcap_t *p)
{
if (p->opt.device != NULL)
free(p->opt.device);
p->cleanup_op(p);
free(p);
}
/*
* Helpers for safely loding code at run time.
* Helpers for safely loading code at run time.
* Currently Windows-only.
*/
#ifdef _WIN32
@@ -4180,6 +4201,20 @@ pcap_read_dead(pcap_t *p, int cnt _U_, pcap_handler callback _U_,
return (-1);
}
static void
pcap_breakloop_dead(pcap_t *p _U_)
{
/*
* A "dead" pcap_t is just a placeholder to use in order to
* compile a filter to BPF code or to open a savefile for
* writing. It doesn't support any operations, including
* capturing or reading packets, so there will never be a
* get-packets loop in progress to break out *of*.
*
* As such, this routine doesn't need to do anything.
*/
}
static int
pcap_inject_dead(pcap_t *p, const void *buf _U_, int size _U_)
{
@@ -4393,6 +4428,7 @@ pcap_open_dead_with_tstamp_precision(int linktype, int snaplen, u_int precision)
p->live_dump_ended_op = pcap_live_dump_ended_dead;
p->get_airpcap_handle_op = pcap_get_airpcap_handle_dead;
#endif
p->breakloop_op = pcap_breakloop_dead;
p->cleanup_op = pcap_cleanup_dead;
/*

7
libpcap/pcap/bpf.h
View File

@@ -80,7 +80,6 @@
#define lib_pcap_bpf_h
#include <pcap/funcattrs.h>
#include <pcap/dlt.h>
#ifdef __cplusplus
@@ -150,7 +149,7 @@ struct bpf_program {
#define BPF_B 0x10
/* 0x18 reserved; used by BSD/OS */
#define BPF_MODE(code) ((code) & 0xe0)
#define BPF_IMM 0x00
#define BPF_IMM 0x00
#define BPF_ABS 0x20
#define BPF_IND 0x40
#define BPF_MEM 0x60
@@ -244,8 +243,8 @@ struct bpf_program {
*/
struct bpf_insn {
u_short code;
u_char jt;
u_char jf;
u_char jt;
u_char jf;
bpf_u_int32 k;
};

7
libpcap/pcap/can_socketcan.h
View File

@@ -48,9 +48,14 @@
typedef struct {
uint32_t can_id;
uint8_t payload_length;
uint8_t pad;
uint8_t fd_flags;
uint8_t reserved1;
uint8_t reserved2;
} pcap_can_socketcan_hdr;
/* Bits in the fd_flags field */
#define CANFD_BRS 0x01 /* bit rate switch (second bitrate for payload data) */
#define CANFD_ESI 0x02 /* error state indicator of the transmitting node */
#define CANFD_FDF 0x04 /* mark CAN FD for dual use of CAN format */
#endif

50
libpcap/pcap/compiler-tests.h
View File

@@ -80,9 +80,11 @@
*/
#if ! defined(__GNUC__)
#define PCAP_IS_AT_LEAST_GNUC_VERSION(major, minor) 0
/* Not GCC and not "just like GCC" */
#define PCAP_IS_AT_LEAST_GNUC_VERSION(major, minor) 0
#else
#define PCAP_IS_AT_LEAST_GNUC_VERSION(major, minor) \
/* GCC or "just like GCC" */
#define PCAP_IS_AT_LEAST_GNUC_VERSION(major, minor) \
(__GNUC__ > (major) || \
(__GNUC__ == (major) && __GNUC_MINOR__ >= (minor)))
#endif
@@ -92,9 +94,11 @@
*/
#if !defined(__clang__)
#define PCAP_IS_AT_LEAST_CLANG_VERSION(major, minor) 0
/* Not Clang */
#define PCAP_IS_AT_LEAST_CLANG_VERSION(major, minor) 0
#else
#define PCAP_IS_AT_LEAST_CLANG_VERSION(major, minor) \
/* Clang */
#define PCAP_IS_AT_LEAST_CLANG_VERSION(major, minor) \
(__clang_major__ > (major) || \
(__clang_major__ == (major) && __clang_minor__ >= (minor)))
#endif
@@ -118,13 +122,15 @@
*/
#if ! defined(__SUNPRO_C)
#define PCAP_IS_AT_LEAST_SUNC_VERSION(major,minor) 0
/* Not Sun/Oracle C */
#define PCAP_IS_AT_LEAST_SUNC_VERSION(major,minor) 0
#else
#define PCAP_SUNPRO_VERSION_TO_BCD(major, minor) \
/* Sun/Oracle C */
#define PCAP_SUNPRO_VERSION_TO_BCD(major, minor) \
(((minor) >= 10) ? \
(((major) << 12) | (((minor)/10) << 8) | (((minor)%10) << 4)) : \
(((major) << 8) | ((minor) << 4)))
#define PCAP_IS_AT_LEAST_SUNC_VERSION(major,minor) \
#define PCAP_IS_AT_LEAST_SUNC_VERSION(major,minor) \
(__SUNPRO_C >= PCAP_SUNPRO_VERSION_TO_BCD((major), (minor)))
#endif
@@ -133,13 +139,31 @@
*
* The version number in __xlC__ has the major version in the
* upper 8 bits and the minor version in the lower 8 bits.
* On AIX __xlC__ is always defined, __ibmxl__ becomes defined in XL C 16.1.
* On Linux since XL C 13.1.6 __xlC__ is not defined by default anymore, but
* __ibmxl__ is defined since at least XL C 13.1.1.
*/
#if ! defined(__xlC__)
#define PCAP_IS_AT_LEAST_XL_C_VERSION(major,minor) 0
#if ! defined(__xlC__) && ! defined(__ibmxl__)
/* Not XL C */
#define PCAP_IS_AT_LEAST_XL_C_VERSION(major,minor) 0
#else
#define PCAP_IS_AT_LEAST_XL_C_VERSION(major, minor) \
/* XL C */
#if defined(__ibmxl__)
/*
* Later Linux version of XL C; use __ibmxl_version__ to test
* the version.
*/
#define PCAP_IS_AT_LEAST_XL_C_VERSION(major, minor) \
(__ibmxl_version__ > (major) || \
(__ibmxl_version__ == (major) && __ibmxl_release__ >= (minor)))
#else /* __ibmxl__ */
/*
* __ibmxl__ not defined; use __xlC__ to test the version.
*/
#define PCAP_IS_AT_LEAST_XL_C_VERSION(major, minor) \
(__xlC__ >= (((major) << 8) | (minor)))
#endif /* __ibmxl__ */
#endif
/*
@@ -154,9 +178,11 @@
*/
#if ! defined(__HP_aCC)
#define PCAP_IS_AT_LEAST_HP_C_VERSION(major,minor) 0
/* Not HP C */
#define PCAP_IS_AT_LEAST_HP_C_VERSION(major,minor) 0
#else
#define PCAP_IS_AT_LEAST_HP_C_VERSION(major,minor) \
/* HP C */
#define PCAP_IS_AT_LEAST_HP_C_VERSION(major,minor) \
(__HP_aCC >= ((major)*10000 + (minor)*100))
#endif

96
libpcap/pcap/dlt.h
View File

@@ -104,6 +104,67 @@
#define DLT_PPP_BSDOS 16 /* BSD/OS Point-to-point Protocol */
#endif
/*
* NetBSD uses 15 for HIPPI.
*
* From a quick look at sys/net/if_hippi.h and sys/net/if_hippisubr.c
* in an older version of NetBSD , the header appears to be:
*
* a 1-byte ULP field (ULP-id)?
*
* a 1-byte flags field;
*
* a 2-byte "offsets" field;
*
* a 4-byte "D2 length" field (D2_Size?);
*
* a 4-byte "destination switch" field (or a 1-byte field
* containing the Forwarding Class, Double_Wide, and Message_Type
* sub fields, followed by a 3-byte Destination_Switch_Address
* field?, HIPPI-LE 3.4-style?);
*
* a 4-byte "source switch" field (or a 1-byte field containing the
* Destination_Address_type and Source_Address_Type fields, followed
* by a 3-byte Source_Switch_Address field, HIPPI-LE 3.4-style?);
*
* a 2-byte reserved field;
*
* a 6-byte destination address field;
*
* a 2-byte "local admin" field;
*
* a 6-byte source address field;
*
* followed by an 802.2 LLC header.
*
* This looks somewhat like something derived from the HIPPI-FP 4.4
* Header_Area, followed an HIPPI-FP 4.4 D1_Area containing a D1 data set
* with the header in HIPPI-LE 3.4 (ANSI X3.218-1993), followed by an
* HIPPI-FP 4.4 D2_Area (with no Offset) containing the 802.2 LLC header
* and payload? Or does the "offsets" field contain the D2_Offset,
* with that many bytes of offset before the payload?
*
* See http://wotug.org/parallel/standards/hippi/ for an archive of
* HIPPI specifications.
*
* RFC 2067 imposes some additional restrictions. It says that the
* Offset is always zero
*
* HIPPI is long-gone, and the source files found in an older version
* of NetBSD don't appear to be in the main CVS branch, so we may never
* see a capture with this link-layer type.
*/
#if defined(__NetBSD__)
#define DLT_HIPPI 15 /* HIPPI */
#endif
/*
* NetBSD uses 16 for DLT_HDLC; see below.
* BSD/OS uses it for PPP; see above.
* As far as I know, no other OS uses it for anything; don't use it
* for anything else.
*/
/*
* 17 was used for DLT_PFLOG in OpenBSD; it no longer is.
*
@@ -219,7 +280,8 @@
* that the AF_ type in the link-layer header is in network byte order.
*
* DLT_LOOP is 12 in OpenBSD, but that's DLT_RAW in other OSes, so
* we don't use 12 for it in OSes other than OpenBSD.
* we don't use 12 for it in OSes other than OpenBSD; instead, we
* use the same value as LINKTYPE_LOOP.
*/
#ifdef __OpenBSD__
#define DLT_LOOP 12
@@ -230,7 +292,7 @@
/*
* Encapsulated packets for IPsec; DLT_ENC is 13 in OpenBSD, but that's
* DLT_SLIP_BSDOS in NetBSD, so we don't use 13 for it in OSes other
* than OpenBSD.
* than OpenBSD; instead, we use the same value as LINKTYPE_ENC.
*/
#ifdef __OpenBSD__
#define DLT_ENC 13
@@ -239,12 +301,22 @@
#endif
/*
* Values between 110 and 112 are reserved for use in capture file headers
* Values 110 and 111 are reserved for use in capture file headers
* as link-layer types corresponding to DLT_ types that might differ
* between platforms; don't use those values for new DLT_ types
* other than the corresponding DLT_ types.
*/
/*
* NetBSD uses 16 for (Cisco) "HDLC framing". For other platforms,
* we define it to have the same value as LINKTYPE_NETBSD_HDLC.
*/
#if defined(__NetBSD__)
#define DLT_HDLC 16 /* Cisco HDLC */
#else
#define DLT_HDLC 112
#endif
/*
* Linux cooked sockets.
*/
@@ -651,7 +723,7 @@
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Every frame contains a 32bit A429 label.
* More documentation on Arinc 429 can be found at
* http://www.condoreng.com/support/downloads/tutorials/ARINCTutorial.pdf
* https://web.archive.org/web/20040616233302/https://www.condoreng.com/support/downloads/tutorials/ARINCTutorial.pdf
*/
#define DLT_A429 184
@@ -1214,15 +1286,17 @@
#define DLT_BLUETOOTH_LE_LL 251
/*
* DLT type for upper-protocol layer PDU saves from wireshark.
* DLT type for upper-protocol layer PDU saves from Wireshark.
*
* the actual contents are determined by two TAGs stored with each
* packet:
* EXP_PDU_TAG_LINKTYPE the link type (LINKTYPE_ value) of the
* original packet.
* the actual contents are determined by two TAGs, one or more of
* which is stored with each packet:
*
* EXP_PDU_TAG_PROTO_NAME the name of the wireshark dissector
* that can make sense of the data stored.
* EXP_PDU_TAG_DISSECTOR_NAME the name of the Wireshark dissector
* that can make sense of the data stored.
*
* EXP_PDU_TAG_HEUR_DISSECTOR_NAME the name of the Wireshark heuristic
* dissector that can make sense of the
* data stored.
*/
#define DLT_WIRESHARK_UPPER_PDU 252

80
libpcap/pcap/funcattrs.h
View File

@@ -118,14 +118,14 @@
#if PCAP_IS_AT_LEAST_GNUC_VERSION(3,4) \
|| PCAP_IS_AT_LEAST_XL_C_VERSION(12,0)
/*
* GCC 3.4 or later, or some compiler asserting compatibility with
* GCC 3.4 or later, or XL C 13.0 or later, so we have
* GCC 3.4 and later, or some compiler asserting compatibility with
* GCC 3.4 and later, or XL C 13.0 and later, so we have
* __attribute__((visibility()).
*/
#define PCAP_API_DEF __attribute__((visibility("default")))
#elif PCAP_IS_AT_LEAST_SUNC_VERSION(5,5)
/*
* Sun C 5.5 or later, so we have __global.
* Sun C 5.5 and later, so we have __global.
* (Sun C 5.9 and later also have __attribute__((visibility()),
* but there's no reason to prefer it with Sun C.)
*/
@@ -161,6 +161,15 @@
* provided by Apple, so each release can come with a version compiled
* to use the APIs present in that release.)
*
* The non-macOS versioning is based on
*
* https://en.wikipedia.org/wiki/Darwin_(operating_system)#Release_history
*
* If there are any corrections, please submit it upstream to the
* libpcap maintainers, preferably as a pull request on
*
* https://github.com/the-tcpdump-group/libpcap
*
* We don't define it ourselves because, if you're building and
* installing libpcap on macOS yourself, the APIs will be available
* no matter what OS version you're installing it on.
@@ -172,23 +181,30 @@
* I've never seen earlier releases.
*/
#ifdef __APPLE__
#define PCAP_AVAILABLE_MACOS(v) /* define to say "first appears in v" */
#define PCAP_AVAILABLE_0_4 PCAP_AVAILABLE_MACOS(10.0) /* Did any version of Mac OS X ship with this? */
#define PCAP_AVAILABLE_0_5 PCAP_AVAILABLE_MACOS(10.0) /* Did any version of Mac OS X ship with this? */
#define PCAP_AVAILABLE_0_6 PCAP_AVAILABLE_MACOS(10.1)
#define PCAP_AVAILABLE_0_7 PCAP_AVAILABLE_MACOS(10.4)
#define PCAP_AVAILABLE_0_8 PCAP_AVAILABLE_MACOS(10.4)
#define PCAP_AVAILABLE_0_9 PCAP_AVAILABLE_MACOS(10.5)
#define PCAP_AVAILABLE_1_0 PCAP_AVAILABLE_MACOS(10.6)
#include <Availability.h>
/*
* When building as part of macOS, define this as __API_AVAILABLE(__VA_ARGS__).
*
* XXX - if there's some #define to indicate that this is being built
* as part of the macOS build process, we could make that Just Work.
*/
#define PCAP_AVAILABLE(...)
#define PCAP_AVAILABLE_0_4 PCAP_AVAILABLE(macos(10.0)) /* Did any version of Mac OS X ship with this? */
#define PCAP_AVAILABLE_0_5 PCAP_AVAILABLE(macos(10.0)) /* Did any version of Mac OS X ship with this? */
#define PCAP_AVAILABLE_0_6 PCAP_AVAILABLE(macos(10.1))
#define PCAP_AVAILABLE_0_7 PCAP_AVAILABLE(macos(10.4))
#define PCAP_AVAILABLE_0_8 PCAP_AVAILABLE(macos(10.4))
#define PCAP_AVAILABLE_0_9 PCAP_AVAILABLE(macos(10.5), ios(1.0))
#define PCAP_AVAILABLE_1_0 PCAP_AVAILABLE(macos(10.6), ios(4.0))
/* #define PCAP_AVAILABLE_1_1 no routines added to the API */
#define PCAP_AVAILABLE_1_2 PCAP_AVAILABLE_MACOS(10.9)
#define PCAP_AVAILABLE_1_2 PCAP_AVAILABLE(macos(10.9), ios(6.0))
/* #define PCAP_AVAILABLE_1_3 no routines added to the API */
/* #define PCAP_AVAILABLE_1_4 no routines added to the API */
#define PCAP_AVAILABLE_1_5 PCAP_AVAILABLE_MACOS(10.10)
#define PCAP_AVAILABLE_1_5 PCAP_AVAILABLE(macos(10.10), ios(7.0), watchos(1.0))
/* #define PCAP_AVAILABLE_1_6 no routines added to the API */
#define PCAP_AVAILABLE_1_7 PCAP_AVAILABLE_MACOS(10.12)
#define PCAP_AVAILABLE_1_8 PCAP_AVAILABLE_MACOS(10.13) /* only Windows adds routines to the API; XXX - what version first had it? */
#define PCAP_AVAILABLE_1_9 PCAP_AVAILABLE_MACOS(10.13)
#define PCAP_AVAILABLE_1_7 PCAP_AVAILABLE(macos(10.12), ios(10.0), tvos(10.0), watchos(3.0))
#define PCAP_AVAILABLE_1_8 PCAP_AVAILABLE(macos(10.13), ios(11.0), tvos(11.0), watchos(4.0)) /* only Windows adds routines to the API; XXX - what version first had it? */
#define PCAP_AVAILABLE_1_9 PCAP_AVAILABLE(macos(10.13), ios(11.0), tvos(11.0), watchos(4.0))
#define PCAP_AVAILABLE_1_10 /* not in macOS yet */
#define PCAP_AVAILABLE_1_11 /* not released yet, so not in macOS yet */
#else /* __APPLE__ */
@@ -230,11 +246,11 @@
|| PCAP_IS_AT_LEAST_XL_C_VERSION(10,1) \
|| PCAP_IS_AT_LEAST_HP_C_VERSION(6,10)
/*
* Compiler with support for __attribute((noreturn)), or GCC 2.5 or
* later, or some compiler asserting compatibility with GCC 2.5 or
* later, or Solaris Studio 12 (Sun C 5.9) or later, or IBM XL C 10.1
* or later (do any earlier versions of XL C support this?), or HP aCC
* A.06.10 or later.
* Compiler with support for __attribute((noreturn)), or GCC 2.5 and
* later, or some compiler asserting compatibility with GCC 2.5 and
* later, or Solaris Studio 12 (Sun C 5.9) and later, or IBM XL C 10.1
* and later (do any earlier versions of XL C support this?), or HP aCC
* A.06.10 and later.
*/
#define PCAP_NORETURN __attribute((noreturn))
#define PCAP_NORETURN_DEF __attribute((noreturn))
@@ -260,8 +276,8 @@
|| PCAP_IS_AT_LEAST_XL_C_VERSION(10,1) \
|| PCAP_IS_AT_LEAST_HP_C_VERSION(6,10)
/*
* Compiler with support for it, or GCC 2.3 or later, or some compiler
* asserting compatibility with GCC 2.3 or later, or IBM XL C 10.1
* Compiler with support for it, or GCC 2.3 and later, or some compiler
* asserting compatibility with GCC 2.3 and later, or IBM XL C 10.1
* and later (do any earlier versions of XL C support this?),
* or HP aCC A.06.10 and later.
*/
@@ -274,23 +290,21 @@
* PCAP_DEPRECATED(func, msg), after a function declaration, marks the
* function as deprecated.
*
* The first argument is the name of the function; the second argument is
* a string giving the warning message to use if the compiler supports that.
*
* (Thank you, Microsoft, for requiring the function name.)
* The argument is a string giving the warning message to use if the
* compiler supports that.
*/
#if __has_attribute(deprecated) \
|| PCAP_IS_AT_LEAST_GNUC_VERSION(4,5) \
|| PCAP_IS_AT_LEAST_SUNC_VERSION(5,13)
/*
* Compiler that supports __has_attribute and __attribute__((deprecated)),
* or GCC 4.5 or later, or Sun/Oracle C 12.4 (Sun C 5.13) or later.
* or GCC 4.5 and later, or Sun/Oracle C 12.4 (Sun C 5.13) and later.
*
* Those support __attribute__((deprecated(msg))) (we assume, perhaps
* incorrectly, that anything that supports __has_attribute() is
* recent enough to support __attribute__((deprecated(msg)))).
*/
#define PCAP_DEPRECATED(func, msg) __attribute__((deprecated(msg)))
#define PCAP_DEPRECATED(msg) __attribute__((deprecated(msg)))
#elif PCAP_IS_AT_LEAST_GNUC_VERSION(3,1)
/*
* GCC 3.1 through 4.4.
@@ -298,18 +312,18 @@
* Those support __attribute__((deprecated)) but not
* __attribute__((deprecated(msg))).
*/
#define PCAP_DEPRECATED(func, msg) __attribute__((deprecated))
#define PCAP_DEPRECATED(msg) __attribute__((deprecated))
#elif defined(_MSC_VER) && !defined(BUILDING_PCAP)
/*
* MSVC, and we're not building libpcap itself; it's VS 2015
* or later, so we have the deprecated pragma.
* and later, so we have __declspec(deprecated(...)).
*
* If we *are* building libpcap, we don't want this, as it'll warn
* us even if we *define* the function.
*/
#define PCAP_DEPRECATED(func, msg) __pragma(deprecated(func))
#define PCAP_DEPRECATED(msg) _declspec(deprecated(msg))
#else
#define PCAP_DEPRECATED(func, msg)
#define PCAP_DEPRECATED(msg)
#endif
/*

5
libpcap/pcap/namedb.h
View File

@@ -59,8 +59,9 @@ PCAP_API struct pcap_etherent *pcap_next_etherent(FILE *);
PCAP_API u_char *pcap_ether_hostton(const char*);
PCAP_API u_char *pcap_ether_aton(const char *);
PCAP_API bpf_u_int32 **pcap_nametoaddr(const char *)
PCAP_DEPRECATED(pcap_nametoaddr, "this is not reentrant; use 'pcap_nametoaddrinfo' instead");
PCAP_API
PCAP_DEPRECATED("this is not reentrant; use 'pcap_nametoaddrinfo' instead")
bpf_u_int32 **pcap_nametoaddr(const char *);
PCAP_API struct addrinfo *pcap_nametoaddrinfo(const char *);
PCAP_API bpf_u_int32 pcap_nametonetaddr(const char *);

85
libpcap/pcap/pcap-inttypes.h
View File

@@ -32,8 +32,8 @@
#define pcap_pcap_inttypes_h
/*
* If we're compiling with Visual Studio, make sure we have at least
* VS 2015 or later, so we have sufficient C99 support.
* If we're compiling with Visual Studio, make sure the C99 integer
* types are defined, by hook or by crook.
*
* XXX - verify that we have at least C99 support on UN*Xes?
*
@@ -42,39 +42,60 @@
*/
#if defined(_MSC_VER)
/*
* Compiler is MSVC. Make sure we have VS 2015 or later.
* Compiler is MSVC.
*/
#if _MSC_VER < 1900
#error "Building libpcap requires VS 2015 or later"
#if _MSC_VER >= 1800
/*
* VS 2013 or newer; we have <inttypes.h>.
*/
#include <inttypes.h>
#else
/*
* Earlier VS; we have to define this stuff ourselves.
* We don't support building libpcap with earlier versions of VS,
* but SDKs for Npcap have to support building applications using
* earlier versions of VS, so we work around this by defining
* those types ourselves, as some files use them.
*/
typedef unsigned char uint8_t;
typedef signed char int8_t;
typedef unsigned short uint16_t;
typedef signed short int16_t;
typedef unsigned int uint32_t;
typedef signed int int32_t;
#ifdef _MSC_EXTENSIONS
typedef unsigned _int64 uint64_t;
typedef _int64 int64_t;
#else /* _MSC_EXTENSIONS */
typedef unsigned long long uint64_t;
typedef long long int64_t;
#endif
#endif
#endif
#else /* defined(_MSC_VER) */
/*
* Not Visual Studio.
* Include <inttypes.h> to get the integer types and PRi[doux]64 values
* defined.
*
* If the compiler is MinGW, we assume we have <inttypes.h> - and
* support for %zu in the formatted printing functions.
*
* If the target is UN*X, we assume we have a C99-or-later development
* environment, and thus have <inttypes.h> - and support for %zu in
* the formatted printing functions.
*
* If the target is MS-DOS, we assume we have <inttypes.h> - and support
* for %zu in the formatted printing functions.
*
* I.e., assume we have <inttypes.h> and that it suffices.
*/
/*
* Include <inttypes.h> to get the integer types and PRi[doux]64 values
* defined.
*
* If the compiler is MSVC, we require VS 2015 or newer, so we
* have <inttypes.h> - and support for %zu in the formatted
* printing functions.
*
* If the compiler is MinGW, we assume we have <inttypes.h> - and
* support for %zu in the formatted printing functions.
*
* If the target is UN*X, we assume we have a C99-or-later development
* environment, and thus have <inttypes.h> - and support for %zu in
* the formatted printing functions.
*
* If the target is MS-DOS, we assume we have <inttypes.h> - and support
* for %zu in the formatted printing functions.
*
* I.e., assume we have <inttypes.h> and that it suffices.
*/
/*
* XXX - somehow make sure we have enough C99 support with other
* compilers and support libraries?
*/
/*
* XXX - somehow make sure we have enough C99 support with other
* compilers and support libraries?
*/
#include <inttypes.h>
#include <inttypes.h>
#endif /* defined(_MSC_VER) */
#endif /* pcap/pcap-inttypes.h */

26
libpcap/pcap/pcap.h
View File

@@ -71,7 +71,7 @@
/*
* Some software that uses libpcap/WinPcap/Npcap defines _MSC_VER before
* includeing pcap.h if it's not defined - and it defines it to 1500.
* including pcap.h if it's not defined - and it defines it to 1500.
* (I'm looking at *you*, lwIP!)
*
* Attempt to detect this, and undefine _MSC_VER so that we can *reliably*
@@ -391,8 +391,8 @@ PCAP_API int pcap_init(unsigned int, char *);
* should use pcap_findalldevs() and use the first device.
*/
PCAP_AVAILABLE_0_4
PCAP_API char *pcap_lookupdev(char *)
PCAP_DEPRECATED(pcap_lookupdev, "use 'pcap_findalldevs' and use the first device");
PCAP_DEPRECATED("use 'pcap_findalldevs' and use the first device")
PCAP_API char *pcap_lookupdev(char *);
PCAP_AVAILABLE_0_4
PCAP_API int pcap_lookupnet(const char *, bpf_u_int32 *, bpf_u_int32 *, char *);
@@ -571,7 +571,7 @@ PCAP_AVAILABLE_0_4
PCAP_API const u_char *pcap_next(pcap_t *, struct pcap_pkthdr *);
PCAP_AVAILABLE_0_8
PCAP_API int pcap_next_ex(pcap_t *, struct pcap_pkthdr **, const u_char **);
PCAP_API int pcap_next_ex(pcap_t *, struct pcap_pkthdr **, const u_char **);
PCAP_AVAILABLE_0_8
PCAP_API void pcap_breakloop(pcap_t *);
@@ -583,7 +583,7 @@ PCAP_AVAILABLE_0_4
PCAP_API int pcap_setfilter(pcap_t *, struct bpf_program *);
PCAP_AVAILABLE_0_9
PCAP_API int pcap_setdirection(pcap_t *, pcap_direction_t);
PCAP_API int pcap_setdirection(pcap_t *, pcap_direction_t);
PCAP_AVAILABLE_0_7
PCAP_API int pcap_getnonblock(pcap_t *, char *);
@@ -614,6 +614,7 @@ PCAP_API int pcap_compile(pcap_t *, struct bpf_program *, const char *, int,
bpf_u_int32);
PCAP_AVAILABLE_0_5
PCAP_DEPRECATED("use pcap_open_dead(), pcap_compile() and pcap_close()")
PCAP_API int pcap_compile_nopcap(int, int, struct bpf_program *,
const char *, int, bpf_u_int32);
@@ -680,8 +681,8 @@ PCAP_API FILE *pcap_file(pcap_t *);
* a Windows-only pcap_handle() API that returns the HANDLE.
*/
PCAP_AVAILABLE_0_4
PCAP_API int pcap_fileno(pcap_t *)
PCAP_DEPRECATED(pcap_fileno, "use 'pcap_handle'");
PCAP_DEPRECATED("request a 'pcap_handle' that returns a HANDLE if you need it")
PCAP_API int pcap_fileno(pcap_t *);
#else /* _WIN32 */
PCAP_AVAILABLE_0_4
PCAP_API int pcap_fileno(pcap_t *);
@@ -878,7 +879,7 @@ PCAP_API const char *pcap_lib_version(void);
/*
* The formats allowed by pcap_open() are the following:
* - file://path_and_filename [opens a local file]
* - rpcap://devicename [opens the selected device devices available on the local host, without using the RPCAP protocol]
* - rpcap://devicename [opens the selected device available on the local host, without using the RPCAP protocol]
* - rpcap://host/devicename [opens the selected device available on a remote host]
* - rpcap://host:port/devicename [opens the selected device available on a remote host, using a non-standard port for RPCAP]
* - adaptername [to open a local adapter; kept for compatibility, but it is strongly discouraged]
@@ -1013,10 +1014,11 @@ PCAP_API const char *pcap_lib_version(void);
* authentication is successful (and the user has the right to open network
* devices) the RPCAP connection will continue; otherwise it will be dropped.
*
* *******NOTE********: the username and password are sent over the network
* to the capture server *IN CLEAR TEXT*. Don't use this on a network
* that you don't completely control! (And be *really* careful in your
* definition of "completely"!)
* *******NOTE********: unless TLS is being used, the username and password
* are sent over the network to the capture server *IN CLEAR TEXT*. Don't
* use this, without TLS (i.e., with rpcap:// rather than rpcaps://) on
* a network that you don't completely control! (And be *really* careful
* in your definition of "completely"!)
*/
#define RPCAP_RMTAUTH_PWD 1

73
libpcap/pcap_breakloop.3pcap
View File

@@ -17,7 +17,7 @@
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.TH PCAP_BREAKLOOP 3PCAP "25 July 2018"
.TH PCAP_BREAKLOOP 3PCAP "8 December 2022"
.SH NAME
pcap_breakloop \- force a pcap_dispatch() or pcap_loop() call to return
.SH SYNOPSIS
@@ -39,11 +39,23 @@ or
to return rather than looping; they will return the number of packets
that have been processed so far, or
.B PCAP_ERROR_BREAK
if no packets have been processed so far.
if no packets have been processed so far. If the loop is currently
blocked waiting for packets to arrive,
.BR pcap_breakloop ()
will also, on some platforms, wake up the thread that is blocked. In
this version of libpcap, the only platforms on which a wakeup is caused
by
.BR pcap_breakloop ()
are Linux and Windows, and the wakeup will only be caused when capturing
on network interfaces; it will not be caused on other operating systems,
and will not be caused on any OS when capturing on other types of
devices.
.PP
This routine is safe to use inside a signal handler on UNIX or a console
control handler on Windows, as it merely sets a flag that is checked
within the loop.
control handler on Windows, or in a thread other than the one in which
the loop is running, as it merely sets a flag that is checked within the
loop and, on some platforms, performs a signal-safe and thread-safe API
call.
.PP
The flag is checked in loops reading packets from the OS - a signal by
itself will not necessarily terminate those loops - as well as in loops
@@ -61,23 +73,37 @@ packets arrive and the call completes.
.PP
.ft B
Note also that, in a multi-threaded application, if one thread is
blocked in pcap_dispatch(), pcap_loop(), pcap_next(3PCAP), or pcap_next_ex(3PCAP),
a call to pcap_breakloop() in a different thread will not unblock that
thread.
blocked in pcap_dispatch(), pcap_loop(), pcap_next(3PCAP), or
pcap_next_ex(3PCAP), a call to pcap_breakloop() in a different thread
will only unblock that thread on the platforms and capture devices
listed above.
.PP
If a non-zero packet buffer timeout is set on the
.BR pcap_t ,
and you are capturing on a network interface, the thread will be
unblocked with the timeout expires. This is not guaranteed to happen
unless at least one packet has arrived; the only platforms on which it
happens are macOS, the BSDs, Solaris 11, AIX, Tru64 UNIX, and Windows.
.PP
If you want to ensure that the loop will eventually be unblocked on any
other platforms, or unblocked when capturing on a device other than a
network interface, you will need to use whatever mechanism the OS
provides for breaking a thread out of blocking calls in order to unblock
the thread, such as thread cancellation or thread signalling in systems
that support POSIX threads.
.ft R
You will need to use whatever mechanism the OS provides for
breaking a thread out of blocking calls in order to unblock the thread,
such as thread cancellation or thread signalling in systems that support
POSIX threads, or
.BR SetEvent ()
on the result of
.BR pcap_getevent ()
on a
.B pcap_t
on which the thread is blocked on Windows. Asynchronous procedure calls
will not work on Windows, as a thread blocked on a
.B pcap_t
will not be in an alertable state.
.PP
.ft B
Note that if pcap_breakloop() unblocks the thread capturing packets, and
you are running on a platform that supports packet buffering, there may
be packets in the buffer that arrived before pcap_breakloop() were
called but that weren't yet provided to libpcap, those packets will not
have been processed by pcap_dispatch() or pcap_loop(). If
pcap_breakloop() was called in order to terminate the capture process,
then, in order to process those packets, you would have to call
pcap_dispatch() one time in order to process the last batch of packets.
This may block until the packet buffer timeout expires, so a non-zero
packet buffer timeout must be used.
.ft R
.PP
Note that
@@ -111,5 +137,12 @@ If a positive number is returned, the flag is not cleared, so a
subsequent call will return
.B PCAP_ERROR_BREAK
and clear the flag.
.SH BACKWARD COMPATIBILITY
.PP
This function became available in libpcap release 0.8.1.
.PP
In releases prior to libpcap 1.10.0,
.BR pcap_breakloop ()
will not wake up a blocked thread on any platform.
.SH SEE ALSO
.BR pcap (3PCAP)

4
libpcap/pcap_compile.3pcap.in
View File

@@ -37,9 +37,9 @@ const char *str, int optimize, bpf_u_int32 netmask);
is used to compile the string
.I str
into a filter program. See
.BR pcap-filter (@MAN_MISC_INFO@)
.BR \%pcap-filter (@MAN_MISC_INFO@)
for the syntax of that string.
.I program
.I fp
is a pointer to a
.I bpf_program
struct and is filled in by

4
libpcap/pcap_datalink_val_to_name.3pcap
View File

@@ -17,7 +17,7 @@
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.TH PCAP_DATALINK_VAL_TO_NAME 3PCAP "15 April 2019"
.TH PCAP_DATALINK_VAL_TO_NAME 3PCAP "4 May 2022"
.SH NAME
pcap_datalink_val_to_name, pcap_datalink_val_to_description,
pcap_datalink_val_to_description_or_dlt \- get a
@@ -66,7 +66,7 @@ the dlt argument.
.SH BACKWARD COMPATIBILITY
The
.BR pcap_datalink_val_to_description_or_dlt ()
function first became available in libpcap release 1.10.0. In previous
function first became available in libpcap release 1.9.1. In previous
releases,
.BR pcap_datalink_val_to_description ()
would have to be called and, if it returned

2
libpcap/pcap_dump_open.3pcap.in
View File

@@ -81,7 +81,7 @@ order as the host opening the file, and has the same time stamp
precision, link-layer header type, and snapshot length as
.IR p ,
it will write new packets at the end of the file.
.SH RETURN VALUES
.SH RETURN VALUE
A pointer to a
.B pcap_dumper_t
structure to use in subsequent

4
libpcap/pcap_findalldevs.3pcap
View File

@@ -204,7 +204,9 @@ returns
on success and
.B PCAP_ERROR
on failure; as indicated, finding no
devices is considered success, rather than failure, so 0 will be
devices is considered success, rather than failure, so
.B 0
will be
returned in that case. If
.B PCAP_ERROR
is returned,

2
libpcap/pcap_get_tstamp_precision.3pcap.in
View File

@@ -53,4 +53,4 @@ in seconds and microseconds.
.SH SEE ALSO
.BR pcap (3PCAP),
.BR pcap_set_tstamp_precision (3PCAP),
.BR pcap-tstamp (@MAN_MISC_INFO@)
.BR \%pcap-tstamp (@MAN_MISC_INFO@)

14
libpcap/pcap_inject.3pcap
View File

@@ -17,7 +17,7 @@
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.TH PCAP_INJECT 3PCAP "25 July 2018"
.TH PCAP_INJECT 3PCAP "5 March 2022"
.SH NAME
pcap_inject, pcap_sendpacket \- transmit a packet
.SH SYNOPSIS
@@ -74,16 +74,20 @@ comes from OpenBSD;
comes from WinPcap/Npcap. Both are provided for compatibility.)
.SH RETURN VALUE
.BR pcap_inject ()
returns the number of bytes written on success and
returns the number of bytes written on success,
.B PCAP_ERROR_NOT_ACTIVATED
if called on a capture handle that has been created but not activated, and
.B PCAP_ERROR
on failure.
on other errors.
.PP
.BR pcap_sendpacket ()
returns
.B 0
on success and
on success,
.B PCAP_ERROR_NOT_ACTIVATED
if called on a capture handle that has been created but not activated, and
.B PCAP_ERROR
on failure.
on other errors.
.PP
If
.B PCAP_ERROR

4
libpcap/pcap_list_tstamp_types.3pcap.in
View File

@@ -42,7 +42,7 @@ allocates an array to hold the list and sets
.I *tstamp_typesp
to point to the array.
See
.BR pcap-tstamp (@MAN_MISC_INFO@)
.BR \%pcap-tstamp (@MAN_MISC_INFO@)
for a list of all the time stamp types.
.PP
The caller is responsible for freeing the array with
@@ -79,4 +79,4 @@ type offered by a capture source is available.
.SH SEE ALSO
.BR pcap (3PCAP),
.BR pcap_tstamp_type_val_to_name (3PCAP),
.BR pcap-tstamp (@MAN_MISC_INFO@)
.BR \%pcap-tstamp (@MAN_MISC_INFO@)

20
libpcap/pcap_loop.3pcap
View File

@@ -17,7 +17,7 @@
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.TH PCAP_LOOP 3PCAP "22 August 2020"
.TH PCAP_LOOP 3PCAP "5 March 2022"
.SH NAME
pcap_loop, pcap_dispatch \- process packets from a live capture or savefile
.SH SYNOPSIS
@@ -164,12 +164,15 @@ if
.I cnt
is exhausted or if, when reading from a ``savefile'', no more packets
are available. It returns
.B PCAP_ERROR
if an error occurs or
.B PCAP_ERROR_BREAK
if the loop terminated due to a call to
.BR pcap_breakloop ()
before any packets were processed.
before any packets were processed,
.B PCAP_ERROR_NOT_ACTIVATED
if called on a capture handle that has been created but not activated,
or
.B PCAP_ERROR
if another error occurs.
It does
.B not
return when live packet buffer timeouts occur; instead, it attempts to
@@ -184,12 +187,15 @@ packets arrive, the timeout expires before any packets arrive, or if the
file descriptor for the capture device is in non-blocking mode and no
packets were available to be read) or if no more packets are available
in a ``savefile.'' It returns
.B PCAP_ERROR
if an error occurs or
.B PCAP_ERROR_BREAK
if the loop terminated due to a call to
.BR pcap_breakloop ()
before any packets were processed.
before any packets were processed,
.B PCAP_ERROR_NOT_ACTIVATED
if called on a capture handle that has been created but not activated,
or
.B PCAP_ERROR
if another error occurs.
.ft B
If your application uses pcap_breakloop(),
make sure that you explicitly check for PCAP_ERROR and PCAP_ERROR_BREAK,

Some files were not shown because too many files have changed in this diff Show More