| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This avoids potential and, in one case (SIMH), actual collisions with
names in other libraries or in applications using libpcap.
|
| |
|
|
| |
[skip ci]
|
| |
|
|
| |
[skip ci]
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sizeof operator and alignof macro can be given a type "name" that's
anonymous, e.g. sizeof(struct { int a; char *b; }). Have
pcap_create_common() and pcap_open_offline_common() take, as arguments,
the total size of a structure containing both the pcap_t and the private
data as members, and the offset of the private data in that structure,
and define macros that calculate those given, as an argument, the data
type of the private data.
This avoids making assumptions about the alignment of those two items
within the structure; that *might* fix GitHub issue #940 if the issue is
that the ARM compiler being used does 16-byte alignment of the private
structure, rather than the 8-byte alignment we were wiring in.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some of them are locale-dependent, and all of them run the risk of
failing if you hand them a char with the 8th bit set.
Define our own locale-independent macros that can be handed any integral
value.
Don't include <ctype.h>.
This should address the issue in GitHub pull request #839, and should
also catch any (highly unlikely) cases in which something other than
Boring Old Space And Tab and, sometimes, CR and LF are treated as white
space. (No, we don't want FF or VT treated as white space.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Require Visual Studio 2015 or later; fail if we don't have it, and
remove checks for older versions.
That means we have C99-compliant snprintf() and vsnprintf(); require
them when configuring for UN*X, and then use them directly, rather than
having wrappers for systems lacking them.
If we're using MSVC, skip the tests for options to request C99
compatibility - either we have VS 2015, which is sufficient, or we
don't, in which case we fail.
|
| |
|
|
|
| |
Septel-only is now done more simply - you just need to supply a few stub
routines.
|
| |
|
|
|
| |
That's how to do it for modules that do filtering in the module itself;
there's no need for a wrapper.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We now depend on the *full* semantics of those routines, including the
return value being usable for truncation checks.
If we're building for a UN*X that has them, define pcap_strl{cpy,cat} to
be strl{cpy,cat}.
If we're building for Windows using MSVC, define pcap_strl{cpy,cat}, not
strl{cpy,cat}.
Otherwise, build our won versions of pcap_strl{cpy,cat} from BSD-derived
source code.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If net/bpf.h declares bpf_filter() one way and libpcap defines it
another way, even pcap-bpf.c needs a declaration that matches how
libpcap defines it, not how net/bpf.h (mistakenly) declares it.
("Mistakenly" because it should *not* be declaring the kernel's version
of bpf_filter() unless it's being used in a *kernel* build; other *BSDs,
and macOS, declare it only in kernel builds by testing for a #define
such as KERNEL or KERNEL_PRIVATE, but NetBSD doesn't - it *should*, but
it doesn't.)
So we rename the internal-to-pcap filtering routine as pcap_filter(),
which is not exported from libpcap, and have bpf_filter() be a wrapper
around pcap_filter() that is exported.
Use pcap_filter(), rather than bpf_filter(), for all filtering inside
libpcap (except for filtering that uses bpf_filter_with_aux_data(),
which we rename pcap_filter_with_aux_data()).
Do the same for bpf_validate(), which is *also* declared in net/bpf.h,
even for non-kernel builds, in NetBSD.
As we're not exporting pcap_filter_with_aux_data(), don't even *declare*
it in a public header; don't declare struct bpf_aux_data in a public
header, either. That way we can change it without worrying about
breaking APIs or ABIs; we may do that if, for example, we want to
support the "inbound" and "outbound" filters when reading pcapng files,
adding a direction indicator to that structure.
Declare bpf_filter() in pcap/bpf.h even on NetBSD and QNX; pcap-bpf.c
doesn't include pcap/bpf.h (it sets a #define to force pcap/pcap.h not
to include it), so we won't get any collisions if net/bpf.h (which it
does include) declares it. The only collisions will occur in programs
that include *both* pcap/pcap.h or pcap/bpf.h *and* net/bpf.h, and that
will occur only if net/bpf.h declares bpf_filter() even when building
userland code, and the correct fix for *that* is to fix net/bpf.h not to
declare them in non-kernel builds.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We add:
PCAP_IF_WIRELESS, which indicates whether the interface is "wireless" or
not.
PCAP_IF_CONNECTION_STATUS, which is a bitmask for a two-bit field that
can have one of the values:
PCAP_IF_CONNECTION_STATUS_UNKNOWN if the status of whether the interface
is "connected" or "disconnected" is unknown;
PCAP_IF_CONNECTION_STATUS_CONNECTED if the interface is "connected";
PCAP_IF_CONNECTION_STATUS_DISCONNECTED if the interface is
"disconnected";
PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE if the notion of "connected" or
"disconnected" doesn't apply to this interface.
Take that into account when sorting interfaces in the interface list,
penalizing "disconnected" interfaces, as you won't see traffic on them
if they're not wireless and you'd have to be in some form of "monitor
mode" to see traffic on them if they're wireless.
This should address GitHub issue #700.
|
| |
|
|
|
|
| |
For the epoll mechanism, the call to wait for events is epoll_wait()
(and epoll_pwait()); for the kqueue mechanism, the call to wait for
events is kevent() (and additional calls in Darwin-based systems).
|
| |
|
|
|
| |
install_bpf_program() already fills in the errbuf; there's no need to
set it in the caller of install_bpf_program().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
That routine will use strerror_s() or strerror_r() if available, in a
fashion that's thread-safe. Otherwise, it falls back on
pcap_strerror().
Use it in both libpcap and rpcapd.
Given that we check for errors in strerror_r(), hopefully this will
squelch warnings with newer version of GCC and GNU libc; whilst the
macOS (and other BSD-flavored?) strerror_r() always fills in a message,
that's not required by the Single UNIX Specification, as far as I can
tell, so we apparently really *do* need to check for errors.
|
| |
|
|
| |
We can get the project version from config.h, so do so.
|
| |
|
|
|
|
|
| |
Catch attempts to set non-blocking mode before we're activated, just as
we do after we're activated.
Catch attempts to *get* non-blocking mode.
|
| |
|
|
|
|
|
|
| |
This lets us move the Windows version to pcap-win32.c, so we don't have
to include packet32.h in pcap.c.
It also gets rid of some #ifdefs, and lets us construct the version
string on UN*X platforms, and MS-DOS, at compile time.
|
| |
|
|
|
|
|
|
| |
This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also, initialize the snapshot length to 0, meaning "not specified", so
that the default snapshot length, if not specified, is also
module-dependent.
That way, D-Bus has a maximum and default of 128MB, as that's the
maximum message size, but other capture devices have the current
MAXIMUM_SNAPLEN, so we can handle full-size D-Bus messages without
advertising an overly-large snapshot length for other devices,
potentially causing libpcap and programs using it or reading libpcap
files to allocate overly-large buffers for other capture devices.
|
| |
|
|
|
| |
For example, on Linux, we add information about memory-mapped capture
support; see comments on GitHub issue #600.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We just set a flag and attempt to set non-blocking mode after
activating.
If a module can't support non-blocking mode, it should set the set
non-blocking operator in the create routine, so a pre-activation call
will fail the same way a post-activation call fails.
While we're at it:
Have the get non-blocking and set non-blocking modes not take an error
buffer as an argument; they have the error buffer in the pcap_t to set.
pcap_getnonblock() and pcap_setnonblock() just copy the error from there
to the argument passed in.
Make sure we set the cleanup op pointer when appropriate.
|
| |
|
|
|
|
|
| |
It's not part of the API, but it's an internal structure used by the
findalldevs code. Currently, it just has a pointer to the beginning of
the list, but it could change in order to speed up the process of adding
to the list.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have a routine that unconditionally adds a device to the list of
devices, without bothering to check whether there's already a device
with that name, and a separate routine that does the check and, if it
doesn't find the device, calls the routine to add ti. That avoids
scanning the entire list in cases where we know the search will fail.
The only reasons for doing the check are that we're on a platform where
we find the list of interfaces by a call that returns a list of
*addresses*, with an interface name attached to each address, and
1) for each address, we need to make sure we don't already have
the interface, create it if we don't, and add the address to
the now-guaranteed-to-exist entry for the interface;
2) we might have to make a *separate* call to enumerate
interfaces, to find interfaces with *no* addresses, and that
call also enumerates the ones that *do* have addresses, and
we don't want to create a duplicate entry for them.
Change some findalldevs helper routines to have "dev" rather than "if"
in the name, as not all devices are regular network interfaces.
For the DAG findalldevs routine, make sure it always provides an error
message if it fails.
We don't need add_addr_to_iflist() or get_if_description() on Windows,
so don't define them on Windows.
Update comments to reflect reality.
|
| |
|
|
|
|
|
|
|
|
|
| |
In the core code, treat them similarly to other builds. In the
configure script, ensure that no other pcap-XXX.c file is built, so we
have only the entries for the capture mechanism in question in the
tables for pcap_findalldevs() and pcap_create(), so that those routines
are the only ones called. If XXX_ONLY is defined in pcap-XXX.c, define
a stub pcap_platform_finddevs() that finds no regular interfaces and a
stub pcap_create_interface() that fails with a "we only support XXX"
error message.
|
| |
|
|
|
|
|
|
|
| |
* CAN bus over USB on Linux
* DAG
* D-Bus
* Septel
* SNF
* TurboCap
|
| |
|
|
|
|
|
|
|
|
|
| |
On UN*Xes with snprintf(), we just #define pcap_snprintf to snprintf.
On UN*Xes without snprintf(), we provide our own, but call it
pcap_snprintf().
On Windows, we have a routine that wraps _snprintf(), with C99 semantics
(ensuring null termination if the string won't fit), called
pcap_snprintf(), and use that.
|
| | |
|
| |
|
|
|
|
|
| |
That way, errors are reflected to the caller.
Also, just pass strings directly to pcap_add_if(), and get rid of unused
variables.
|
| |
|
|
|
|
| |
This change removes CVS keywords that express that the file belongs to
libpcap repository. All such keywords represented the revision and
timestamp by the end of 2008 or even older.
|
| |
|
|
|
| |
"private" is a C++ keyword; rename the "private" member of a pcap_t to
"priv" to avoid that, as per Gisle Vanem's suggestion.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Put the private data right after the pcap_t structure, with a pointer to
it in the pcap_t.
The initial goal is to allow new pcap modules to be added without having
to hack pcap-int.h.
In the longer term, we may want to freeze the pcap_t structure, except
possibly for adding new method pointers at the end, and provide an ABI
for adding modules.
We also put the stuff used by the read path at the beginning of the
pcap_t structure, to try to keep it on the same set of cache lines.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have a table of routines to do pcap_create() for devices that aren't
regular network interfaces. Try each of those in succession until one
says "it's mine" (whether it succeeds or fails); if none do, do a
pcap_create() for a regular interface.
Have those routines do more stringent tests of the name - don't just
accept any name that has a particular substring anywhere in it. That
reduces the likelihood of a false match (as happened with the CANbus
module when somebody renamed their Ethernet interface "canopy").
Have the table also include routines for pcap_findalldevs().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
used to clean up after a failed pcap_activate() call. Convert the
existing close_op routines to cleanup_op routines, and use them to clean
up; rename pcap_close_common() to pcap_cleanup_live_common(), and use it
directly if there's no platform-dependent cleanup needed. That means we
don't have to write the same cleanup code twice (and possibly forget
stuff in the version done on a failed pcap_activate() call).
Have the cleanup routines do whatever is necessary to indicate that
cleanup has been done, and not do any particular cleaning up if it's
already been done (i.e., don't free something if the pointer to it is
null and null out the pointer once it's been freed, don't close an FD if
it's -1 and set it to -1 once it's been closed, etc.).
For device types/platforms where we don't support monitor mode, check
for it and return PCAP_ERROR_RFMON_NOTSUP - but do so after we've
checked whether we can open the device, so we return "no such device" or
"permission denied" rather than "that device doesn't support monitor
mode" if we can't open the device in the first place.
Fix a comment.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
handle" routine, an 'activate a pcap_t handle" routine, and some "set
the properties of the pcap_t handle" routines, so that, for example, the
buffer size can be set on a BPF device before the device is bound to an
interface.
Add additional routines to set monitor mode, and make at least an
initial attempt at supporting that on Linux, *BSD, and Mac OS X 10.4 and
10.5. (Very much "initial" for Linux, which is a twisty little maze of
wireless drivers, many different.)
Have a "timeout" member of the pcap_md structure on all platforms, use
that on Windows instead of the "timeout" member of the pcap_t structure,
and get rid of the "timeout" member of that structure.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
"septel_set_datalink()".
It's also always the same, so get rid of "septel_get_datalink()".
Add an inject routine that just returns an error.
Get rid of a malloc() whose result was neither used nor freed.
Clean up indentation.
|
|
|
traffic on Intel Septel cards, and for filtering on SS7 MTP3 fields.
Clean up indentation.
|
