| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
It *should*, as we should be asking for at least C99, if not "gnu99".
|
| |
|
|
|
|
|
| |
This emphasizes that it's for *debugging* messages, not for errors sent
to the peer or logged to a daemon log file. Any message that would be
useful if printed/logged in a production environment should *not* be
reported with SOCK_DEBUG_MESSAGE().
|
| |
|
|
|
| |
SOCK_ASSERT was always called with a true expression ("1") thus only ever executing the message part.
Rename the macro, remove the assert part and remove the "1" parameter.
|
| | |
|
| |
|
|
|
|
| |
It's an internal routine, so it *shouldn't* ever be invalid, but this at
least makes sure the mode argument is used, in case we ever have
compilers check for unused arguments.
|
| |
|
|
|
| |
ENABLE_REMOTE is always defined when building this file. If you haven't
enabled remote capture, you wouldn't even be compiling the file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
On UN*X, a SOCKET is just an FD, hence an int, so this isn't an issue.
On Windows, well, hopefully -1, -2, and -3 aren't valid values; if they
are, this API can't be made to work (it's already documented as
returning -1, -2, and -3 for various errors).
So we might as well just cast the negative values to SOCKET, given that
we're returning a SOCKET value.
Once we support pcap_create()/pcap_activate() for remote capturing, we
can provide a better API for active-mode capturing.
|
| |
|
|
|
| |
If it is, we know it fits into a uint16; cast the assignment to squelch
a warning.
|
| |
|
|
| |
And once we know they fit, cast away warnings.
|
| |
|
|
| |
That squelches "conditional expression is constant" warnings from MSVC.
|
| |
|
|
| |
This should fix Coverity CID 1418992.
|
| |
|
|
| |
(Broken when RPCAP_VERSION_IS_SUPPORTED() was introduced.)
|
| |
|
|
| |
What a mess.
|
| |
|
|
|
|
| |
Version numbers are unsigned, so they can never be < 0, so checking
whether a version is less than the minimum supported version will never
fail.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
That routine will use strerror_s() or strerror_r() if available, in a
fashion that's thread-safe. Otherwise, it falls back on
pcap_strerror().
Use it in both libpcap and rpcapd.
Given that we check for errors in strerror_r(), hopefully this will
squelch warnings with newer version of GCC and GNU libc; whilst the
macOS (and other BSD-flavored?) strerror_r() always fills in a message,
that's not required by the Single UNIX Specification, as far as I can
tell, so we apparently really *do* need to check for errors.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If we fail in the middle of constructing lists of savefiles or remote
devices, free the entries we've already allocated.
Use separate variables for "current device" and "last device in the
list", to try to squelch some warnings.
We already rely on the pointer to the place where the device list
pointer should be put not being null; no need to handle the case where
it is null.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the select() is interrupted by a signal, just return 0, don't treat
it as an error. That'll let the read routine check whether we're
supposed to break out of the loop and, if not, it'll let it keep
processing packets, as we do for local capture modules.
When reading packet messages from a TCP socket, use the bp and cc
members of the pcap_t to keep track of where we're reading data and the
number of bytes of data we have read so far. If a read is interrupted
by a signal, just return 0, as per the above. Don't assume we're at the
beginning of a message when we enter pcap_read_nocb_remote(); instead,
if we've read less than the size of a packet message header, try to read
the rest of the header, otherwise extract the packet payload length from
the header, make sure it's not larger than the largest payload length
we're expecting (if it is, return an error), and try to read the rest of
the packet. That way, we can handle multiple calls to
pcap_read_nocb_remote() reading multiple bits of the same packet, due to
reads being interrupted.
That obviates the need to discard the rest of the packet, as we read all
of it into the buffer.
|
| |
|
|
|
| |
GCC and GCC-compatible compilers might allow it, but not all compilers
do.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have separate sockutils routines for reading from a stream socket and
receiving messages from a datagram socket. The latter assumes you get
the entire message in a single receive operation and checks for the
datagram being bigger than the provided buffer.
We don't need separate network and packet-to-provide-to-the-callback
buffers; use the standard buffer for both purposes, making it big enough
for the largest expected packet message. This eliminates a copy.
Use the "receive messages from a datagram socket" routine for UDP data
sockets. That way, we check for messages bigger than the largest
expected packet message; add additional checks to make sure the packet
is big enough to hold an rpcap header and, if so, that the packet length
in the rpcap header isn't larger than the part of the message.
Check for interrupted message receives in the "read a packet message"
code path.
If we get an invalid message from the server, discard the rest of it if
it's sent over TCP.
In the read routine, check for errors and, if we didn't get a packet and
didn't get an error - which could be a timeout or an interrupted receive
- check whether we were told to break out of the loop.
|
| |
|
|
|
|
| |
Use a separate variable, to make it clearer that it's *not* the
user-mode buffer attached to the pcap_t; it's more like the kernel
buffer used by local capture mechanisms.
|
| |
|
|
|
|
| |
It has to be large enough for the rpcap message header, the rpcap packet
header, and the largest possible packet for the pcap_t, i.e. the
snapshot length.
|
| |
|
|
|
| |
If the client flakes out for whatever reason, including exiting, that's
not a problem that the server needs to log.
|
| |
|
|
|
|
| |
On the server side, don't treat an immediate EOF when trying to read a
message header as an error, just silently terminate the session. Treat
EOFs after reading *some* of the message as an error.
|
| |
|
|
|
|
|
|
|
|
|
| |
If we get an error, return -1, and just report the first error; if we
got an error sending RPCAP_MSG_CLOSE to the server, don't check for
errors when closing the connection.
For calls where we're not going to check for an error, don't pass an
error message buffer.
Addresses Coverity CID 1419000.
|
| |
|
|
|
|
|
|
|
|
| |
Make sure we null-terminate the string before discarding the rest of a
too-long error message fails.
While we're at it, if we get a network error, we don't take any special
shutdown action for the connection, so no need to have rpcap_msg_err()
return a status; either it's reporting an error given to us by the
server or it's reporting a network error.
|
| |
|
|
|
|
| |
It's used later to decide whether to close the socket or not.
Addresses Coverity CID 1420505.
|
| |
|
|
|
|
| |
If you send a message to the server and wait for a reply, check whether
the message was successfully sent before awaiting a reply; if it never
made it onto the wire, you won't be getting a reply.
|
| |
|
|
|
| |
That way, the appropriate packet length checks, and other checks, are
done.
|
| |
|
|
|
| |
It's a problem if we're trying to get *more* data from a message than is
left in the message, not if we're trying to get *less* data.
|
| | |
|
| |
|
|
|
| |
If the first authentication try returned 0, that's success; no need to
try again.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we send a "wrong version number" error message to an old client
(before the changes to support version negotiation) with a version
number other than 0, it'll treat it as a protocol error and return the
wrong error message to the caller. Instead, if the client's version
number is too old for the server, send back the version number they sent
us; they'll try it again and get the same error, and give up. (This
would happen only if there's a server that doesn't support version 0;
let's not create so many protocol versions that there's a temptation to
drop older ones.)
Also, add details on protocol versioning and protocol negotiation (the
construction of which pointed out the failure mode).
|
| |
|
|
|
|
| |
Currently, we only have one protocol version, but the code should be
able to handle multiple versions in the future - and to be able to work
with older code that doesn't do negotiation.
|
| |
|
|
|
|
|
|
| |
The only uses of it outside there are invalid - there's no need to free
the address list outside that if clause, we've already freed it by the
time we leave it.
Fixes Coverity CID 1419031.
|
| |
|
|
|
|
|
|
|
|
| |
On Windows, you're supposed to check against INVALID_SOCKET. On UN*X,
you're supposed to check against -1, but, on UN*X, we define
INVALID_SOCKET to be -1 so you can compare against INVALID_SOCKET on
both platforms.
That means that sock_open() should return INVALID_SOCKET on errors as
well.
|
| |
|
|
| |
Fixes Coverity CID 1418987.
|
| |
|
|
| |
Fixes Coverity CID 1418989.
|
| |
|
|
| |
Fixes Coverity CID 1419004.
|
| |
|
|
| |
This fixes Coverity CID 1419013.
|
| |
|
|
|
|
|
|
|
|
|
| |
If we don't have a control socket, just free up the address list, close
the pcap_t, and return.
Fixes Coverity CID 1419021.
Also, don't initialize the control socket; that lets compilers (and
other tools) doing dataflow analysis catch cases where we haven't set
the socket before using it.
|
| |
|
|
|
|
| |
HAVE_REMOTE implies that there's some feature in our build environment
that we have, but this is a flag that controls what the user specified
at configuration time.
|
| |
|
|
|
|
|
| |
We currently don't support non-blocking mode on either of those, so have
routines that return errors for pcap_getnonblock() and
pcap_setnonblock(); you can't set those function pointers to null to say
"we don't support it".
|
| |
|
|
|
| |
That way, rpcapd doesn't depend on them being exported from libpcap
(which they shouldn't be).
|
| |
|
|
|
|
|
|
| |
sockutils.h may include <crtdbg.h> on Windows, and portability.h expects
that, if <crtdbg.h> is going to be included, it'll be included before
portability.h, so that, if __STDC__ is 0, strdup will have been defined
by <crtdbg.h>, and portability.h won't define it only to have a later
include of <crtdbg.h> redefine it and provoke warnings.
|
| |
|
|
|
|
|
|
| |
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also, initialize the snapshot length to 0, meaning "not specified", so
that the default snapshot length, if not specified, is also
module-dependent.
That way, D-Bus has a maximum and default of 128MB, as that's the
maximum message size, but other capture devices have the current
MAXIMUM_SNAPLEN, so we can handle full-size D-Bus messages without
advertising an overly-large snapshot length for other devices,
potentially causing libpcap and programs using it or reading libpcap
files to allocate overly-large buffers for other capture devices.
|
| |
|
|
|
|
|
| |
Move the declarations of the interfaces that are currently used for
RPCAP by pcap_open_live(), pcap_open(), and pcap_findalldevs_ex() to
pcap-rpcap.h; in the future, that will hold the routines used by
pcap_create() and any future API for enumerating interfaces.
|
| | |
|
| | |
|
| |
|
|
| |
It's now used only in pcap-rpcap.c.
|
