Wireshark  4.3.0
The Wireshark network protocol analyzer
wtap-int.h
Go to the documentation of this file.
1 
9 #ifndef __WTAP_INT_H__
10 #define __WTAP_INT_H__
11 
12 #include "wtap.h"
13 #include <time.h>
14 
15 #ifdef _WIN32
16 #include <winsock2.h>
17 #endif
18 
19 #include <wsutil/array.h>
20 #include <wsutil/file_util.h>
21 
22 #include "wtap_opttypes.h"
23 
24 void wtap_init_file_type_subtypes(void);
25 
26 WS_DLL_PUBLIC
27 int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err);
28 
29 typedef bool (*subtype_read_func)(struct wtap*, wtap_rec *,
30  Buffer *, int *, char **, int64_t *);
31 typedef bool (*subtype_seek_read_func)(struct wtap*, int64_t, wtap_rec *,
32  Buffer *, int *, char **);
33 
37 struct wtap {
38  FILE_T fh;
40  bool ispipe;
41  int file_type_subtype;
42  unsigned snapshot_length;
43  GArray *shb_hdrs;
45  GArray *interface_data;
47  GArray *nrbs;
48  GArray *dsbs;
49  GArray *meta_events;
51  char *pathname;
53  void *priv; /* this one holds per-file state and is free'd automatically by wtap_close() */
54  void *wslua_data; /* this one holds wslua state info and is not free'd */
55 
56  subtype_read_func subtype_read;
57  subtype_seek_read_func subtype_seek_read;
58  void (*subtype_sequential_close)(struct wtap*);
59  void (*subtype_close)(struct wtap*);
60  int file_encap; /* per-file, for those
61  * file formats that have
62  * per-file encapsulation
63  * types rather than per-packet
64  * encapsulation types
65  */
66  int file_tsprec; /* per-file timestamp precision
67  * of the fractional part of
68  * the time stamp, for those
69  * file formats that have
70  * per-file timestamp
71  * precision rather than
72  * per-packet timestamp
73  * precision
74  * e.g. WTAP_TSPREC_USEC
75  */
76  wtap_new_ipv4_callback_t add_new_ipv4;
77  wtap_new_ipv6_callback_t add_new_ipv6;
78  wtap_new_secrets_callback_t add_new_secrets;
79  GPtrArray *fast_seek;
80 };
81 
82 struct wtap_dumper;
83 
84 /*
85  * This could either be a FILE * or a gzFile.
86  */
87 typedef void *WFILE_T;
88 
89 typedef bool (*subtype_add_idb_func)(struct wtap_dumper*, wtap_block_t,
90  int *, char **);
91 
92 typedef bool (*subtype_write_func)(struct wtap_dumper*,
93  const wtap_rec *rec,
94  const uint8_t*, int*, char**);
95 typedef bool (*subtype_finish_func)(struct wtap_dumper*, int*, char**);
96 
97 struct wtap_dumper {
98  WFILE_T fh;
99  int file_type_subtype;
100  int snaplen;
101  int file_encap; /* per-file, for those
102  * file formats that have
103  * per-file encapsulation
104  * types rather than per-packet
105  * encapsulation types
106  */
107  wtap_compression_type compression_type;
108  bool needs_reload; /* true if the file requires re-loading after saving with wtap */
109  int64_t bytes_dumped;
110 
111  void *priv; /* this one holds per-file state and is free'd automatically by wtap_dump_close() */
112  void *wslua_data; /* this one holds wslua state info and is not free'd */
113 
114  subtype_add_idb_func subtype_add_idb; /* add an IDB, writing it as necessary */
115  subtype_write_func subtype_write; /* write out a record */
116  subtype_finish_func subtype_finish; /* write out information to finish writing file */
117 
119  GArray *shb_hdrs;
120  const GArray *shb_iface_to_global;
121  GArray *interface_data;
122  GArray *dsbs_initial;
124  /*
125  * Additional blocks that might grow as data is being collected.
126  * Subtypes should write these blocks before writing new packet blocks.
127  */
128  const GArray *nrbs_growing;
129  const GArray *dsbs_growing;
130  const GArray *mevs_growing;
134 };
135 
136 WS_DLL_PUBLIC bool wtap_dump_file_write(wtap_dumper *wdh, const void *buf,
137  size_t bufsize, int *err);
138 WS_DLL_PUBLIC int64_t wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset, int whence, int *err);
139 WS_DLL_PUBLIC int64_t wtap_dump_file_tell(wtap_dumper *wdh, int *err);
140 
141 extern int wtap_num_file_types;
142 
143 #include <wsutil/pint.h>
144 
145 /* Macros to byte-swap possibly-unaligned 64-bit, 32-bit and 16-bit quantities;
146  * they take a pointer to the quantity, and byte-swap it in place.
147  */
148 #define PBSWAP64(p) \
149  { \
150  uint8_t tmp; \
151  tmp = (p)[7]; \
152  (p)[7] = (p)[0]; \
153  (p)[0] = tmp; \
154  tmp = (p)[6]; \
155  (p)[6] = (p)[1]; \
156  (p)[1] = tmp; \
157  tmp = (p)[5]; \
158  (p)[5] = (p)[2]; \
159  (p)[2] = tmp; \
160  tmp = (p)[4]; \
161  (p)[4] = (p)[3]; \
162  (p)[3] = tmp; \
163  }
164 #define PBSWAP32(p) \
165  { \
166  uint8_t tmp; \
167  tmp = (p)[3]; \
168  (p)[3] = (p)[0]; \
169  (p)[0] = tmp; \
170  tmp = (p)[2]; \
171  (p)[2] = (p)[1]; \
172  (p)[1] = tmp; \
173  }
174 #define PBSWAP16(p) \
175  { \
176  uint8_t tmp; \
177  tmp = (p)[1]; \
178  (p)[1] = (p)[0]; \
179  (p)[0] = tmp; \
180  }
181 
182 
183 /* Pointer routines to put items out in a particular byte order.
184  * These will work regardless of the byte alignment of the pointer.
185  */
186 
187 #ifndef phtons
188 #define phtons(p, v) \
189  { \
190  (p)[0] = (uint8_t)((v) >> 8); \
191  (p)[1] = (uint8_t)((v) >> 0); \
192  }
193 #endif
194 
195 #ifndef phton24
196 #define phton24(p, v) \
197  { \
198  (p)[0] = (uint8_t)((v) >> 16); \
199  (p)[1] = (uint8_t)((v) >> 8); \
200  (p)[2] = (uint8_t)((v) >> 0); \
201  }
202 #endif
203 
204 #ifndef phtonl
205 #define phtonl(p, v) \
206  { \
207  (p)[0] = (uint8_t)((v) >> 24); \
208  (p)[1] = (uint8_t)((v) >> 16); \
209  (p)[2] = (uint8_t)((v) >> 8); \
210  (p)[3] = (uint8_t)((v) >> 0); \
211  }
212 #endif
213 
214 #ifndef phtonll
215 #define phtonll(p, v) \
216  { \
217  (p)[0] = (uint8_t)((v) >> 56); \
218  (p)[1] = (uint8_t)((v) >> 48); \
219  (p)[2] = (uint8_t)((v) >> 40); \
220  (p)[3] = (uint8_t)((v) >> 32); \
221  (p)[4] = (uint8_t)((v) >> 24); \
222  (p)[5] = (uint8_t)((v) >> 16); \
223  (p)[6] = (uint8_t)((v) >> 8); \
224  (p)[7] = (uint8_t)((v) >> 0); \
225  }
226 #endif
227 
228 #ifndef phtole8
229 #define phtole8(p, v) \
230  { \
231  (p)[0] = (uint8_t)((v) >> 0); \
232  }
233 #endif
234 
235 #ifndef phtoles
236 #define phtoles(p, v) \
237  { \
238  (p)[0] = (uint8_t)((v) >> 0); \
239  (p)[1] = (uint8_t)((v) >> 8); \
240  }
241 #endif
242 
243 #ifndef phtole24
244 #define phtole24(p, v) \
245  { \
246  (p)[0] = (uint8_t)((v) >> 0); \
247  (p)[1] = (uint8_t)((v) >> 8); \
248  (p)[2] = (uint8_t)((v) >> 16); \
249  }
250 #endif
251 
252 #ifndef phtolel
253 #define phtolel(p, v) \
254  { \
255  (p)[0] = (uint8_t)((v) >> 0); \
256  (p)[1] = (uint8_t)((v) >> 8); \
257  (p)[2] = (uint8_t)((v) >> 16); \
258  (p)[3] = (uint8_t)((v) >> 24); \
259  }
260 #endif
261 
262 #ifndef phtolell
263 #define phtolell(p, v) \
264  { \
265  (p)[0] = (uint8_t)((v) >> 0); \
266  (p)[1] = (uint8_t)((v) >> 8); \
267  (p)[2] = (uint8_t)((v) >> 16); \
268  (p)[3] = (uint8_t)((v) >> 24); \
269  (p)[4] = (uint8_t)((v) >> 32); \
270  (p)[5] = (uint8_t)((v) >> 40); \
271  (p)[6] = (uint8_t)((v) >> 48); \
272  (p)[7] = (uint8_t)((v) >> 56); \
273  }
274 #endif
275 
276 /*
277  * Read a given number of bytes from a file into a buffer or, if
278  * buf is NULL, just discard them.
279  *
280  * If we succeed, return true.
281  *
282  * If we get an EOF, return false with *err set to 0, reporting this
283  * as an EOF.
284  *
285  * If we get fewer bytes than the specified number, return false with
286  * *err set to WTAP_ERR_SHORT_READ, reporting this as a short read
287  * error.
288  *
289  * If we get a read error, return false with *err and *err_info set
290  * appropriately.
291  */
292 WS_DLL_PUBLIC
293 bool
294 wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err,
295  char **err_info);
296 
297 /*
298  * Read a given number of bytes from a file into a buffer or, if
299  * buf is NULL, just discard them.
300  *
301  * If we succeed, return true.
302  *
303  * If we get fewer bytes than the specified number, including getting
304  * an EOF, return false with *err set to WTAP_ERR_SHORT_READ, reporting
305  * this as a short read error.
306  *
307  * If we get a read error, return false with *err and *err_info set
308  * appropriately.
309  */
310 WS_DLL_PUBLIC
311 bool
312 wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err,
313  char **err_info);
314 
315 /*
316  * Read packet data into a Buffer, growing the buffer as necessary.
317  *
318  * This returns an error on a short read, even if the short read hit
319  * the EOF immediately. (The assumption is that each packet has a
320  * header followed by raw packet data, and that we've already read the
321  * header, so if we get an EOF trying to read the packet data, the file
322  * has been cut short, even if the read didn't read any data at all.)
323  */
324 WS_DLL_PUBLIC
325 bool
326 wtap_read_packet_bytes(FILE_T fh, Buffer *buf, unsigned length, int *err,
327  char **err_info);
328 
329 /*
330  * Implementation of wth->subtype_read that reads the full file contents
331  * as a single packet.
332  */
333 bool
334 wtap_full_file_read(wtap *wth, wtap_rec *rec, Buffer *buf,
335  int *err, char **err_info, int64_t *data_offset);
336 
337 /*
338  * Implementation of wth->subtype_seek_read that reads the full file contents
339  * as a single packet.
340  */
341 bool
342 wtap_full_file_seek_read(wtap *wth, int64_t seek_off, wtap_rec *rec, Buffer *buf, int *err, char **err_info);
343 
347 void
349 
353 void
355 
359 void
361 
362 void
363 wtap_register_compatibility_file_subtype_name(const char *old_name,
364  const char *new_name);
365 
366 void
367 wtap_register_backwards_compatibility_lua_name(const char *name, int ft);
368 
370  const char *name;
371  int ft;
372 };
373 
374 WS_DLL_PUBLIC
375 const GArray *get_backwards_compatibility_lua_table(void);
376 
391 
403 WS_DLL_PUBLIC
404 void wtap_add_generated_idb(wtap *wth);
405 
419 
432 
444 
445 #endif /* __WTAP_INT_H__ */
446 
447 /*
448  * Editor modelines - https://www.wireshark.org/tools/modelines.html
449  *
450  * Local variables:
451  * c-basic-offset: 4
452  * tab-width: 8
453  * indent-tabs-mode: nil
454  * End:
455  *
456  * vi: set shiftwidth=4 tabstop=8 expandtab:
457  * :indentSize=4:tabSize=8:noTabs=true:
458  */
Definition: buffer.h:22
Definition: wtap.h:1505
Definition: wtap-int.h:369
Definition: pcapio.c:113
Definition: wtap_opttypes.c:85
Definition: wtap.h:1526
Definition: wtap-int.h:97
unsigned nrbs_growing_written
Definition: wtap-int.h:131
GArray * dsbs_initial
Definition: wtap-int.h:122
GArray * interface_data
Definition: wtap-int.h:121
const GArray * dsbs_growing
Definition: wtap-int.h:129
const GArray * mevs_growing
Definition: wtap-int.h:130
unsigned mevs_growing_written
Definition: wtap-int.h:133
const GArray * shb_iface_to_global
Definition: wtap-int.h:120
unsigned dsbs_growing_written
Definition: wtap-int.h:132
addrinfo_lists_t * addrinfo_lists
Definition: wtap-int.h:118
const GArray * nrbs_growing
Definition: wtap-int.h:128
Definition: file_wrappers.c:177
Definition: wtap.h:1431
Definition: wtap-int.h:37
GArray * interface_data
Definition: wtap-int.h:45
bool ispipe
Definition: wtap-int.h:40
GArray * shb_iface_to_global
Definition: wtap-int.h:44
FILE_T random_fh
Definition: wtap-int.h:39
unsigned next_interface_data
Definition: wtap-int.h:46
GArray * nrbs
Definition: wtap-int.h:47
char * pathname
Definition: wtap-int.h:51
GArray * meta_events
Definition: wtap-int.h:49
GArray * dsbs
Definition: wtap-int.h:48
void wtapng_process_nrb(wtap *wth, wtap_block_t nrb)
Definition: wtap.c:1669
GArray * wtap_file_get_shb_for_new_file(wtap *wth)
Gets new section header block for new file, based on existing info.
Definition: wtap.c:150
void wtapng_process_dsb(wtap *wth, wtap_block_t dsb)
Definition: wtap.c:1693
GArray * wtap_file_get_nrb_for_new_file(wtap *wth)
Gets new name resolution info for new file, based on existing info.
Definition: wtap.c:521
wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec)
Generate an IDB, given a packet record, using the records's encapsulation type and time stamp resolut...
Definition: wtap.c:1903
wtap_block_t wtap_dump_params_generate_idb(const wtap_dump_params *params)
Generate an IDB, given a set of dump parameters, using the parameters' encapsulation type,...
Definition: wtap.c:617
WS_DLL_PUBLIC void wtap_add_generated_idb(wtap *wth)
Generate an IDB, given a wiretap handle for the file, using the file's encapsulation type,...
Definition: wtap.c:351
void wtap_add_idb(wtap *wth, wtap_block_t idb)
Definition: wtap.c:275
void(* wtap_new_secrets_callback_t)(uint32_t secrets_type, const void *secrets, unsigned size)
Definition: wtap.h:1890
void(* wtap_new_ipv4_callback_t)(const unsigned addr, const char *name, const bool static_entry)
Definition: wtap.h:1878