Wireshark  4.3.0
The Wireshark network protocol analyzer
addr_resolv.h
Go to the documentation of this file.
1 
12 /* The buffers returned by these functions are all allocated with a
13  * packet lifetime and does not have to be freed.
14  * However, take into account that when the packet dissection
15  * completes, these buffers will be automatically reclaimed/freed.
16  * If you need the buffer to remain for a longer scope than packet lifetime
17  * you must copy the content to an wmem_file_scope() buffer.
18  */
19 
20 #ifndef __RESOLV_H__
21 #define __RESOLV_H__
22 
23 #include <epan/address.h>
24 #include <epan/tvbuff.h>
25 #include <wsutil/inet_cidr.h>
26 #include <epan/to_str.h>
27 #include <wiretap/wtap.h>
28 #include "ws_symbol_export.h"
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif /* __cplusplus */
33 
34 #ifndef MAXNAMELEN
35 #define MAXNAMELEN 64 /* max name length (hostname and port name) */
36 #endif
37 
38 #ifndef MAXVLANNAMELEN
39 #define MAXVLANNAMELEN 128 /* max vlan name length */
40 #endif
41 
42 #define BASE_ENTERPRISES BASE_CUSTOM
43 #define STRINGS_ENTERPRISES CF_FUNC(enterprises_base_custom)
44 
48 typedef struct _e_addr_resolve {
49  bool mac_name;
50  bool network_name;
54  bool vlan_name;
55  bool ss7pc_name;
58 
59 #define ADDR_RESOLV_MACADDR(at) \
60  (((at)->type == AT_ETHER))
61 
62 #define ADDR_RESOLV_NETADDR(at) \
63  (((at)->type == AT_IPv4) || ((at)->type == AT_IPv6) || ((at)->type == AT_IPX))
64 
65 struct hashether;
66 typedef struct hashether hashether_t;
67 
68 struct hashwka;
69 typedef struct hashwka hashwka_t;
70 
71 struct hashmanuf;
72 typedef struct hashmanuf hashmanuf_t;
73 
74 typedef struct serv_port {
75  const char *udp_name;
76  const char *tcp_name;
77  const char *sctp_name;
78  const char *dccp_name;
79  const char *numeric;
80 } serv_port_t;
81 
82 typedef struct _resolved_name {
83  char name[MAXNAMELEN];
85 
86 /*
87  * Flags for various resolved name hash table entries.
88  */
89 #define TRIED_RESOLVE_ADDRESS (1U<<0) /* XXX - what does this bit *really* mean? */
90 #define NAME_RESOLVED (1U<<1) /* the name field contains a host name, not a printable address */
91 #define RESOLVED_ADDRESS_USED (1U<<2) /* a get_hostname* call returned the host name */
92 #define STATIC_HOSTNAME (1U<<3) /* do not update entries from hosts file with DNS responses */
93 #define NAME_RESOLVED_PREFIX (1U<<4) /* name was generated from a prefix (e.g., OUI) instead of the entire address */
94 
95 #define TRIED_OR_RESOLVED_MASK (TRIED_RESOLVE_ADDRESS | NAME_RESOLVED)
96 #define USED_AND_RESOLVED_MASK (NAME_RESOLVED | RESOLVED_ADDRESS_USED)
97 
98 /*
99  * Flag controlling what names to resolve.
100  */
101 WS_DLL_PUBLIC e_addr_resolve gbl_resolv_flags;
102 
103 /* global variables */
104 
105 extern gchar *g_ethers_path;
106 extern gchar *g_ipxnets_path;
107 extern gchar *g_pethers_path;
108 extern gchar *g_pipxnets_path;
109 
110 /* Functions in addr_resolv.c */
111 
112 /*
113  * udp_port_to_display() returns the port name corresponding to that UDP port,
114  * or the port number as a string if not found.
115  */
116 WS_DLL_PUBLIC gchar *udp_port_to_display(wmem_allocator_t *allocator, guint port);
117 
118 /*
119  * tcp_port_to_display() returns the port name corresponding to that TCP port,
120  * or the port number as a string if not found.
121  */
122 WS_DLL_PUBLIC gchar *tcp_port_to_display(wmem_allocator_t *allocator, guint port);
123 
124 /*
125  * dccp_port_to_display() returns the port name corresponding to that DCCP port,
126  * or the port number as a string if not found.
127  */
128 extern gchar *dccp_port_to_display(wmem_allocator_t *allocator, guint port);
129 
130 /*
131  * sctp_port_to_display() returns the port name corresponding to that SCTP port,
132  * or the port number as a string if not found.
133  */
134 WS_DLL_PUBLIC gchar *sctp_port_to_display(wmem_allocator_t *allocator, guint port);
135 
136 /*
137  * serv_name_lookup() returns the well known service name string, or numeric
138  * representation if one doesn't exist.
139  */
140 WS_DLL_PUBLIC const gchar *serv_name_lookup(port_type proto, guint port);
141 
142 /*
143  * enterprises_lookup() returns the private enterprise code string, or 'unknown_str'
144  * if one doesn't exist, or "<Unknown>" if that is NULL.
145  */
146 WS_DLL_PUBLIC const gchar *enterprises_lookup(guint32 value, const char *unknown_str);
147 
148 /*
149  * try_enterprises_lookup() returns the private enterprise code string, or NULL if not found.
150  */
151 WS_DLL_PUBLIC const gchar *try_enterprises_lookup(guint32 value);
152 
153 /*
154  * enterprises_base_custom() prints the "name (decimal)" string to 'buf'.
155  * (Used with BASE_CUSTOM field display).
156  */
157 WS_DLL_PUBLIC void enterprises_base_custom(char *buf, guint32 value);
158 
159 /*
160  * try_serv_name_lookup() returns the well known service name string, or NULL if
161  * one doesn't exist.
162  */
163 WS_DLL_PUBLIC const gchar *try_serv_name_lookup(port_type proto, guint port);
164 
165 /*
166  * port_with_resolution_to_str() prints the "<resolved> (<numerical>)" port
167  * string.
168  */
169 WS_DLL_PUBLIC gchar *port_with_resolution_to_str(wmem_allocator_t *scope,
170  port_type proto, guint port);
171 
172 /*
173  * port_with_resolution_to_str_buf() prints the "<resolved> (<numerical>)" port
174  * string to 'buf'. Return value is the same as snprintf().
175  */
176 WS_DLL_PUBLIC int port_with_resolution_to_str_buf(gchar *buf, gulong buf_size,
177  port_type proto, guint port);
178 
179 /*
180  * Asynchronous host name lookup initialization, processing, and cleanup
181  */
182 
183 /* Setup name resolution preferences */
184 struct pref_module;
185 extern void addr_resolve_pref_init(struct pref_module *nameres);
186 extern void addr_resolve_pref_apply(void);
187 
188 /*
189  * disable_name_resolution() sets all relevant gbl_resolv_flags to FALSE.
190  */
191 WS_DLL_PUBLIC void disable_name_resolution(void);
192 
200 WS_DLL_PUBLIC gboolean host_name_lookup_process(void);
201 
202 /* get_hostname returns the host name or "%d.%d.%d.%d" if not found */
203 WS_DLL_PUBLIC const gchar *get_hostname(const guint addr);
204 
205 /* get_hostname6 returns the host name, or numeric addr if not found */
206 WS_DLL_PUBLIC const gchar *get_hostname6(const ws_in6_addr *ad);
207 
208 /* get_ether_name returns the logical name if found in ethers files else
209  "<vendor>_%02x:%02x:%02x" if the vendor code is known else
210  "%02x:%02x:%02x:%02x:%02x:%02x" */
211 WS_DLL_PUBLIC const gchar *get_ether_name(const guint8 *addr);
212 
213 /* get_hostname_ss7pc returns the logical name if found in ss7pcs file else
214  '\0' on the first call or the unresolved Point Code in the subsequent calls */
215 const gchar *get_hostname_ss7pc(const guint8 ni, const guint32 pc);
216 
217 /* fill_unresolved_ss7pc initializes the unresolved Point Code Address string in the hashtable */
218 void fill_unresolved_ss7pc(const gchar * pc_addr, const guint8 ni, const guint32 pc);
219 
220 
221 /* Same as get_ether_name with tvb support */
222 WS_DLL_PUBLIC const gchar *tvb_get_ether_name(tvbuff_t *tvb, gint offset);
223 
224 /* get_ether_name_if_known returns the logical name if an exact match is
225  * found (in ethers files or from ARP) else NULL.
226  * @note: It returns NULL for addresses if only a prefix can be resolved
227  * into a manufacturer name.
228  */
229 const gchar *get_ether_name_if_known(const guint8 *addr);
230 
231 /*
232  * Given a sequence of 3 octets containing an OID, get_manuf_name()
233  * returns an abbreviated form of the vendor name, or "%02x:%02x:%02x"
234  * if not known. (The short form of the name is roughly similar in length
235  * to the hexstring, so that they may be used in similar places.)
236  * @note: This only looks up entries in the 24-bit OUI table (and the
237  * CID table), not the MA-M and MA-S tables. The hex byte string is
238  * returned for sequences registered to the IEEE Registration Authority
239  * for the purposes of being subdivided into MA-M and MA-S.
240  */
241 extern const gchar *get_manuf_name(const guint8 *addr, size_t size);
242 
243 /*
244  * Given a sequence of 3 or more octets containing an OUI,
245  * get_manuf_name_if_known() returns the vendor name, or NULL if not known.
246  * @note Unlike get_manuf_name() above, this returns the full vendor name.
247  * @note If size is 6 or larger, vendor names will be looked up in the MA-M
248  * and MA-S tables as well (but note that the length of the sequence is
249  * not returned.) If size is less than 6, only the 24 bit tables are searched,
250  * and NULL is returned for sequences registered to the IEEE Registration
251  * Authority for purposes of being subdivided into MA-M and MA-S.
252  */
253 WS_DLL_PUBLIC const gchar *get_manuf_name_if_known(const guint8 *addr, size_t size);
254 
255 /*
256  * Given an integer containing a 24-bit OUI (or CID),
257  * uint_get_manuf_name_if_known() returns the vendor name, or NULL if not known.
258  * @note NULL is returned for sequences registered to the IEEE Registration
259  * Authority for purposes of being subdivided into MA-M and MA-S.
260  */
261 extern const gchar *uint_get_manuf_name_if_known(const guint32 oid);
262 
263 /*
264  * Given a tvbuff and an offset in that tvbuff for a 3-octet OID,
265  * tvb_get_manuf_name() returns an abbreviated vendor name, or "%02x:%02x:%02x"
266  * if not known.
267  * @note: This only looks up entries in the 24-bit OUI table (and the
268  * CID table), not the MA-M and MA-S tables. The hex byte string is
269  * returned for sequences registered to the IEEE Registration Authority
270  * for the purposes of being subdivided into MA-M and MA-S.
271  */
272 WS_DLL_PUBLIC const gchar *tvb_get_manuf_name(tvbuff_t *tvb, gint offset);
273 
274 /*
275  * Given a tvbuff and an offset in that tvbuff for a 3-octet OID,
276  * tvb_get_manuf_name_if_known() returns the full vendor name, or NULL
277  * if not known.
278  * @note NULL is returned for sequences registered to the IEEE Registration
279  * Authority for purposes of being subdivided into MA-M and MA-S.
280  */
281 WS_DLL_PUBLIC const gchar *tvb_get_manuf_name_if_known(tvbuff_t *tvb, gint offset);
282 
283 /* eui64_to_display returns "<vendor>_%02x:%02x:%02x:%02x:%02x:%02x" if the
284  * vendor code is known (or as appropriate for MA-M and MA-S), and if not,
285  * "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x"
286 */
287 extern gchar *eui64_to_display(wmem_allocator_t *allocator, const guint64 addr);
288 
289 /* get_ipxnet_name returns the logical name if found in an ipxnets file,
290  * or a string formatted with "%X" if not */
291 extern gchar *get_ipxnet_name(wmem_allocator_t *allocator, const guint32 addr);
292 
293 /* get_vlan_name returns the logical name if found in a vlans file,
294  * or the VLAN ID itself as a string if not found*/
295 extern gchar *get_vlan_name(wmem_allocator_t *allocator, const guint16 id);
296 
297 WS_DLL_PUBLIC guint get_hash_ether_status(hashether_t* ether);
298 WS_DLL_PUBLIC bool get_hash_ether_used(hashether_t* ether);
299 WS_DLL_PUBLIC char* get_hash_ether_hexaddr(hashether_t* ether);
300 WS_DLL_PUBLIC char* get_hash_ether_resolved_name(hashether_t* ether);
301 
302 WS_DLL_PUBLIC bool get_hash_manuf_used(hashmanuf_t* manuf);
303 WS_DLL_PUBLIC char* get_hash_manuf_resolved_name(hashmanuf_t* manuf);
304 
305 WS_DLL_PUBLIC bool get_hash_wka_used(hashwka_t* wka);
306 WS_DLL_PUBLIC char* get_hash_wka_resolved_name(hashwka_t* wka);
307 
308 /* adds a hostname/IPv4 in the hash table */
309 WS_DLL_PUBLIC void add_ipv4_name(const guint addr, const gchar *name, const bool static_entry);
310 
311 /* adds a hostname/IPv6 in the hash table */
312 WS_DLL_PUBLIC void add_ipv6_name(const ws_in6_addr *addr, const gchar *name, const bool static_entry);
313 
323 WS_DLL_PUBLIC gboolean add_hosts_file (const char *hosts_file);
324 
325 /* adds a hostname in the hash table */
326 WS_DLL_PUBLIC gboolean add_ip_name_from_string (const char *addr, const char *name);
327 
328 /* Get the user defined name, for a given address */
329 WS_DLL_PUBLIC resolved_name_t* get_edited_resolved_name(const char* addr);
330 
331 
338 WS_DLL_PUBLIC addrinfo_lists_t *get_addrinfo_list(void);
339 
340 /* add ethernet address / name corresponding to IP address */
341 extern void add_ether_byip(const guint ip, const guint8 *eth);
342 
354 WS_DLL_PUBLIC
355 gboolean get_host_ipaddr(const char *host, guint32 *addrp);
356 
368 WS_DLL_PUBLIC
369 gboolean get_host_ipaddr6(const char *host, ws_in6_addr *addrp);
370 
371 WS_DLL_PUBLIC
372 wmem_map_t *get_manuf_hashtable(void);
373 
374 WS_DLL_PUBLIC
375 wmem_map_t *get_wka_hashtable(void);
376 
377 WS_DLL_PUBLIC
378 wmem_map_t *get_eth_hashtable(void);
379 
380 WS_DLL_PUBLIC
381 wmem_map_t *get_serv_port_hashtable(void);
382 
383 WS_DLL_PUBLIC
384 wmem_map_t *get_ipxnet_hash_table(void);
385 
386 WS_DLL_PUBLIC
387 wmem_map_t *get_vlan_hash_table(void);
388 
389 WS_DLL_PUBLIC
390 wmem_map_t *get_ipv4_hash_table(void);
391 
392 WS_DLL_PUBLIC
393 wmem_map_t *get_ipv6_hash_table(void);
394 
395 /*
396  * XXX - if we ever have per-session host name etc. information, we
397  * should probably have the "resolve synchronously or asynchronously"
398  * flag be per-session, set with an epan API.
399  */
400 WS_DLL_PUBLIC
401 void set_resolution_synchrony(gboolean synchronous);
402 
403 /*
404  * private functions (should only be called by epan directly)
405  */
406 
407 WS_DLL_LOCAL
408 void name_resolver_init(void);
409 
410 /* Reinitialize hostname resolution subsystem */
411 WS_DLL_LOCAL
412 void host_name_lookup_reset(void);
413 
414 WS_DLL_LOCAL
415 void addr_resolv_init(void);
416 
417 WS_DLL_LOCAL
418 void addr_resolv_cleanup(void);
419 
420 WS_DLL_PUBLIC
421 gboolean str_to_ip(const char *str, void *dst);
422 
423 WS_DLL_PUBLIC
424 gboolean str_to_ip6(const char *str, void *dst);
425 
426 WS_DLL_LOCAL
427 gboolean str_to_eth(const char *str, char *eth_bytes);
428 
429 WS_DLL_LOCAL
430 guint ipv6_oat_hash(gconstpointer key);
431 
432 WS_DLL_LOCAL
433 gboolean ipv6_equal(gconstpointer v1, gconstpointer v2);
434 
435 #ifdef __cplusplus
436 }
437 #endif /* __cplusplus */
438 
439 #endif /* __RESOLV_H__ */
WS_DLL_PUBLIC gboolean get_host_ipaddr(const char *host, guint32 *addrp)
Definition: addr_resolv.c:3876
WS_DLL_PUBLIC gboolean host_name_lookup_process(void)
Definition: addr_resolv.c:3283
WS_DLL_PUBLIC gboolean add_hosts_file(const char *hosts_file)
Definition: addr_resolv.c:2684
WS_DLL_PUBLIC gboolean get_host_ipaddr6(const char *host, ws_in6_addr *addrp)
Definition: addr_resolv.c:3941
WS_DLL_PUBLIC addrinfo_lists_t * get_addrinfo_list(void)
Definition: addr_resolv.c:2811
struct _e_addr_resolve e_addr_resolve
Flags to control name resolution.
Flags to control name resolution.
Definition: addr_resolv.h:48
bool dns_pkt_addr_resolution
Definition: addr_resolv.h:52
bool maxmind_geoip
Definition: addr_resolv.h:56
bool ss7pc_name
Definition: addr_resolv.h:55
bool use_external_net_name_resolver
Definition: addr_resolv.h:53
bool transport_name
Definition: addr_resolv.h:51
bool mac_name
Definition: addr_resolv.h:49
bool network_name
Definition: addr_resolv.h:50
bool vlan_name
Definition: addr_resolv.h:54
Definition: addr_resolv.h:82
Definition: wmem_allocator.h:27
Definition: wmem_map.c:44
Definition: wtap.h:1505
Definition: inet_addr.h:21
Definition: addr_resolv.c:162
Definition: addr_resolv.c:174
Definition: addr_resolv.c:169
Definition: prefs-int.h:27
const char * name
Definition: prefs-int.h:28
Definition: addr_resolv.h:74
Definition: tvbuff-int.h:35