Wireshark 4.5.0
The Wireshark network protocol analyzer
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
wtap-int.h
Go to the documentation of this file.
1
9#ifndef __WTAP_INT_H__
10#define __WTAP_INT_H__
11
12#include "wtap.h"
13#include <time.h>
14
15#ifdef _WIN32
16#include <winsock2.h>
17#endif
18
19#include <wsutil/array.h>
20#include <wsutil/file_util.h>
21
22#include "wtap_opttypes.h"
23
24void wtap_init_file_type_subtypes(void);
25
26WS_DLL_PUBLIC
27int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err);
28
29typedef bool (*subtype_read_func)(struct wtap*, wtap_rec *,
30 int *, char **, int64_t *);
31typedef bool (*subtype_seek_read_func)(struct wtap*, int64_t, wtap_rec *,
32 int *, char **);
33
37struct wtap {
38 FILE_T fh;
39 FILE_T random_fh;
40 bool ispipe;
41 int file_type_subtype;
42 unsigned snapshot_length;
43 GArray *shb_hdrs;
44 GArray *shb_iface_to_global;
45 GArray *interface_data;
46 unsigned next_interface_data;
47 GArray *nrbs;
48 GArray *dsbs;
49 GArray *meta_events;
51 char *pathname;
53 void *priv; /* this one holds per-file state and is free'd automatically by wtap_close() */
54 void *wslua_data; /* this one holds wslua state info and is not free'd */
55
56 subtype_read_func subtype_read;
57 subtype_seek_read_func subtype_seek_read;
58 void (*subtype_sequential_close)(struct wtap*);
59 void (*subtype_close)(struct wtap*);
60 int file_encap; /* per-file, for those
61 * file formats that have
62 * per-file encapsulation
63 * types rather than per-packet
64 * encapsulation types
65 */
66 int file_tsprec; /* per-file timestamp precision
67 * of the fractional part of
68 * the time stamp, for those
69 * file formats that have
70 * per-file timestamp
71 * precision rather than
72 * per-packet timestamp
73 * precision
74 * e.g. WTAP_TSPREC_USEC
75 */
76 wtap_new_ipv4_callback_t add_new_ipv4;
77 wtap_new_ipv6_callback_t add_new_ipv6;
78 wtap_new_secrets_callback_t add_new_secrets;
79 GPtrArray *fast_seek;
80};
81
82struct wtap_dumper;
83
84/*
85 * This could either be a FILE * or a handle used by code that writes
86 * a compressed file.
87 */
88typedef void *WFILE_T;
89
90typedef bool (*subtype_add_idb_func)(struct wtap_dumper*, wtap_block_t,
91 int *, char **);
92
93typedef bool (*subtype_write_func)(struct wtap_dumper*, const wtap_rec*,
94 int*, char**);
95typedef bool (*subtype_finish_func)(struct wtap_dumper*, int*, char**);
96
97struct wtap_dumper {
98 WFILE_T fh;
99 int file_type_subtype;
100 int snaplen;
101 int file_encap; /* per-file, for those
102 * file formats that have
103 * per-file encapsulation
104 * types rather than per-packet
105 * encapsulation types
106 */
107 wtap_compression_type compression_type;
108 bool needs_reload; /* true if the file requires re-loading after saving with wtap */
109 int64_t bytes_dumped;
110
111 void *priv; /* this one holds per-file state and is free'd automatically by wtap_dump_close() */
112 void *wslua_data; /* this one holds wslua state info and is not free'd */
113
114 subtype_add_idb_func subtype_add_idb; /* add an IDB, writing it as necessary */
115 subtype_write_func subtype_write; /* write out a record */
116 subtype_finish_func subtype_finish; /* write out information to finish writing file */
117
118 addrinfo_lists_t *addrinfo_lists;
119 GArray *shb_hdrs;
120 const GArray *shb_iface_to_global;
121 GArray *interface_data;
122 GArray *dsbs_initial;
124 /*
125 * Additional blocks that might grow as data is being collected.
126 * Subtypes should write these blocks before writing new packet blocks.
127 */
128 const GArray *nrbs_growing;
129 const GArray *dsbs_growing;
130 const GArray *mevs_growing;
131 unsigned nrbs_growing_written;
132 unsigned dsbs_growing_written;
133 unsigned mevs_growing_written;
134};
135
136WS_DLL_PUBLIC bool wtap_dump_file_write(wtap_dumper *wdh, const void *buf,
137 size_t bufsize, int *err);
138WS_DLL_PUBLIC int64_t wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset, int whence, int *err);
139WS_DLL_PUBLIC int64_t wtap_dump_file_tell(wtap_dumper *wdh, int *err);
140
141extern int wtap_num_file_types;
142
143#include <wsutil/pint.h>
144
145/* Macros to byte-swap possibly-unaligned 64-bit, 32-bit and 16-bit quantities;
146 * they take a pointer to the quantity, and byte-swap it in place.
147 */
148#define PBSWAP64(p) \
149 { \
150 uint8_t tmp; \
151 tmp = (p)[7]; \
152 (p)[7] = (p)[0]; \
153 (p)[0] = tmp; \
154 tmp = (p)[6]; \
155 (p)[6] = (p)[1]; \
156 (p)[1] = tmp; \
157 tmp = (p)[5]; \
158 (p)[5] = (p)[2]; \
159 (p)[2] = tmp; \
160 tmp = (p)[4]; \
161 (p)[4] = (p)[3]; \
162 (p)[3] = tmp; \
163 }
164#define PBSWAP32(p) \
165 { \
166 uint8_t tmp; \
167 tmp = (p)[3]; \
168 (p)[3] = (p)[0]; \
169 (p)[0] = tmp; \
170 tmp = (p)[2]; \
171 (p)[2] = (p)[1]; \
172 (p)[1] = tmp; \
173 }
174#define PBSWAP16(p) \
175 { \
176 uint8_t tmp; \
177 tmp = (p)[1]; \
178 (p)[1] = (p)[0]; \
179 (p)[0] = tmp; \
180 }
181
182
183/* Pointer routines to put items out in a particular byte order.
184 * These will work regardless of the byte alignment of the pointer.
185 */
186
187#ifndef phtons
188#define phtons(p, v) \
189 { \
190 (p)[0] = (uint8_t)((v) >> 8); \
191 (p)[1] = (uint8_t)((v) >> 0); \
192 }
193#endif
194
195#ifndef phton24
196#define phton24(p, v) \
197 { \
198 (p)[0] = (uint8_t)((v) >> 16); \
199 (p)[1] = (uint8_t)((v) >> 8); \
200 (p)[2] = (uint8_t)((v) >> 0); \
201 }
202#endif
203
204#ifndef phtonl
205#define phtonl(p, v) \
206 { \
207 (p)[0] = (uint8_t)((v) >> 24); \
208 (p)[1] = (uint8_t)((v) >> 16); \
209 (p)[2] = (uint8_t)((v) >> 8); \
210 (p)[3] = (uint8_t)((v) >> 0); \
211 }
212#endif
213
214#ifndef phtonll
215#define phtonll(p, v) \
216 { \
217 (p)[0] = (uint8_t)((v) >> 56); \
218 (p)[1] = (uint8_t)((v) >> 48); \
219 (p)[2] = (uint8_t)((v) >> 40); \
220 (p)[3] = (uint8_t)((v) >> 32); \
221 (p)[4] = (uint8_t)((v) >> 24); \
222 (p)[5] = (uint8_t)((v) >> 16); \
223 (p)[6] = (uint8_t)((v) >> 8); \
224 (p)[7] = (uint8_t)((v) >> 0); \
225 }
226#endif
227
228#ifndef phtole8
229#define phtole8(p, v) \
230 { \
231 (p)[0] = (uint8_t)((v) >> 0); \
232 }
233#endif
234
235#ifndef phtoles
236#define phtoles(p, v) \
237 { \
238 (p)[0] = (uint8_t)((v) >> 0); \
239 (p)[1] = (uint8_t)((v) >> 8); \
240 }
241#endif
242
243#ifndef phtole24
244#define phtole24(p, v) \
245 { \
246 (p)[0] = (uint8_t)((v) >> 0); \
247 (p)[1] = (uint8_t)((v) >> 8); \
248 (p)[2] = (uint8_t)((v) >> 16); \
249 }
250#endif
251
252#ifndef phtolel
253#define phtolel(p, v) \
254 { \
255 (p)[0] = (uint8_t)((v) >> 0); \
256 (p)[1] = (uint8_t)((v) >> 8); \
257 (p)[2] = (uint8_t)((v) >> 16); \
258 (p)[3] = (uint8_t)((v) >> 24); \
259 }
260#endif
261
262#ifndef phtolell
263#define phtolell(p, v) \
264 { \
265 (p)[0] = (uint8_t)((v) >> 0); \
266 (p)[1] = (uint8_t)((v) >> 8); \
267 (p)[2] = (uint8_t)((v) >> 16); \
268 (p)[3] = (uint8_t)((v) >> 24); \
269 (p)[4] = (uint8_t)((v) >> 32); \
270 (p)[5] = (uint8_t)((v) >> 40); \
271 (p)[6] = (uint8_t)((v) >> 48); \
272 (p)[7] = (uint8_t)((v) >> 56); \
273 }
274#endif
275
276/*
277 * Read a given number of bytes from a file into a buffer or, if
278 * buf is NULL, just discard them.
279 *
280 * If we succeed, return true.
281 *
282 * If we get an EOF, return false with *err set to 0, reporting this
283 * as an EOF.
284 *
285 * If we get fewer bytes than the specified number, return false with
286 * *err set to WTAP_ERR_SHORT_READ, reporting this as a short read
287 * error.
288 *
289 * If we get a read error, return false with *err and *err_info set
290 * appropriately.
291 */
292WS_DLL_PUBLIC
293bool
294wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err,
295 char **err_info);
296
297/*
298 * Read a given number of bytes from a file into a buffer or, if
299 * buf is NULL, just discard them.
300 *
301 * If we succeed, return true.
302 *
303 * If we get fewer bytes than the specified number, including getting
304 * an EOF, return false with *err set to WTAP_ERR_SHORT_READ, reporting
305 * this as a short read error.
306 *
307 * If we get a read error, return false with *err and *err_info set
308 * appropriately.
309 */
310WS_DLL_PUBLIC
311bool
312wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err,
313 char **err_info);
314
315/*
316 * Read a given number of bytes from a file into a Buffer, growing the
317 * buffer as necessary.
318 *
319 * This returns an error on a short read, even if the short read hit
320 * the EOF immediately. (The assumption is that each packet has a
321 * header followed by raw packet data, and that we've already read the
322 * header, so if we get an EOF trying to read the packet data, the file
323 * has been cut short, even if the read didn't read any data at all.)
324 */
325WS_DLL_PUBLIC
326bool
327wtap_read_bytes_buffer(FILE_T fh, Buffer *buf, unsigned length, int *err,
328 char **err_info);
329
330/*
331 * Implementation of wth->subtype_read that reads the full file contents
332 * as a single packet.
333 */
334bool
335wtap_full_file_read(wtap *wth, wtap_rec *rec, int *err, char **err_info,
336 int64_t *data_offset);
337
338/*
339 * Implementation of wth->subtype_seek_read that reads the full file contents
340 * as a single packet.
341 */
342bool
343wtap_full_file_seek_read(wtap *wth, int64_t seek_off, wtap_rec *rec,
344 int *err, char **err_info);
345
349void
350wtap_add_idb(wtap *wth, wtap_block_t idb);
351
355void
356wtapng_process_nrb(wtap *wth, wtap_block_t nrb);
357
361void
362wtapng_process_dsb(wtap *wth, wtap_block_t dsb);
363
364void
365wtap_register_compatibility_file_subtype_name(const char *old_name,
366 const char *new_name);
367
368void
369wtap_register_backwards_compatibility_lua_name(const char *name, int ft);
370
371struct backwards_compatibiliity_lua_name {
372 const char *name;
373 int ft;
374};
375
376WS_DLL_PUBLIC
377const GArray *get_backwards_compatibility_lua_table(void);
378
392GArray* wtap_file_get_shb_for_new_file(wtap *wth);
393
405WS_DLL_PUBLIC
406void wtap_add_generated_idb(wtap *wth);
407
420wtap_block_t wtap_dump_params_generate_idb(const wtap_dump_params *params);
421
433wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec);
434
445GArray* wtap_file_get_nrb_for_new_file(wtap *wth);
446
447#endif /* __WTAP_INT_H__ */
448
449/*
450 * Editor modelines - https://www.wireshark.org/tools/modelines.html
451 *
452 * Local variables:
453 * c-basic-offset: 4
454 * tab-width: 8
455 * indent-tabs-mode: nil
456 * End:
457 *
458 * vi: set shiftwidth=4 tabstop=8 expandtab:
459 * :indentSize=4:tabSize=8:noTabs=true:
460 */
file_util.h
Buffer
Definition buffer.h:22
addrinfo_lists
Definition wtap.h:1529
backwards_compatibiliity_lua_name
Definition wtap-int.h:371
idb
Definition pcapio.c:123
wtap_block
Definition wtap_opttypes.c:85
wtap_dump_params
Definition wtap.h:1550
wtap_dumper
Definition wtap-int.h:97
wtap_dumper::nrbs_growing_written
unsigned nrbs_growing_written
Definition wtap-int.h:131
wtap_dumper::dsbs_initial
GArray * dsbs_initial
Definition wtap-int.h:122
wtap_dumper::interface_data
GArray * interface_data
Definition wtap-int.h:121
wtap_dumper::dsbs_growing
const GArray * dsbs_growing
Definition wtap-int.h:129
wtap_dumper::mevs_growing
const GArray * mevs_growing
Definition wtap-int.h:130
wtap_dumper::mevs_growing_written
unsigned mevs_growing_written
Definition wtap-int.h:133
wtap_dumper::shb_iface_to_global
const GArray * shb_iface_to_global
Definition wtap-int.h:120
wtap_dumper::dsbs_growing_written
unsigned dsbs_growing_written
Definition wtap-int.h:132
wtap_dumper::addrinfo_lists
addrinfo_lists_t * addrinfo_lists
Definition wtap-int.h:118
wtap_dumper::nrbs_growing
const GArray * nrbs_growing
Definition wtap-int.h:128
wtap_reader
Definition file_wrappers.c:215
wtap_rec
Definition wtap.h:1432
wtap
Definition wtap-int.h:37
wtap::interface_data
GArray * interface_data
Definition wtap-int.h:45
wtap::ispipe
bool ispipe
Definition wtap-int.h:40
wtap::shb_iface_to_global
GArray * shb_iface_to_global
Definition wtap-int.h:44
wtap::random_fh
FILE_T random_fh
Definition wtap-int.h:39
wtap::next_interface_data
unsigned next_interface_data
Definition wtap-int.h:46
wtap::nrbs
GArray * nrbs
Definition wtap-int.h:47
wtap::pathname
char * pathname
Definition wtap-int.h:51
wtap::meta_events
GArray * meta_events
Definition wtap-int.h:49
wtap::dsbs
GArray * dsbs
Definition wtap-int.h:48
wtapng_process_nrb
void wtapng_process_nrb(wtap *wth, wtap_block_t nrb)
Definition wtap.c:1673
wtapng_process_dsb
void wtapng_process_dsb(wtap *wth, wtap_block_t dsb)
Definition wtap.c:1697
wtap_rec_generate_idb
wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec)
Generate an IDB, given a packet record, using the records's encapsulation type and time stamp resolut...
Definition wtap.c:1943
wtap_file_get_shb_for_new_file
GArray * wtap_file_get_shb_for_new_file(wtap *wth)
Gets new section header block for new file, based on existing info.
Definition wtap.c:151
wtap_dump_params_generate_idb
wtap_block_t wtap_dump_params_generate_idb(const wtap_dump_params *params)
Generate an IDB, given a set of dump parameters, using the parameters' encapsulation type,...
Definition wtap.c:618
wtap_add_generated_idb
WS_DLL_PUBLIC void wtap_add_generated_idb(wtap *wth)
Generate an IDB, given a wiretap handle for the file, using the file's encapsulation type,...
Definition wtap.c:352
wtap_add_idb
void wtap_add_idb(wtap *wth, wtap_block_t idb)
Definition wtap.c:276
wtap_file_get_nrb_for_new_file
GArray * wtap_file_get_nrb_for_new_file(wtap *wth)
Gets new name resolution info for new file, based on existing info.
Definition wtap.c:522
wtap_new_secrets_callback_t
void(* wtap_new_secrets_callback_t)(uint32_t secrets_type, const void *secrets, unsigned size)
Definition wtap.h:1914
wtap_new_ipv4_callback_t
void(* wtap_new_ipv4_callback_t)(const unsigned addr, const char *name, const bool static_entry)
Definition wtap.h:1902
wtap_opttypes.h
Generated by doxygen 1.9.8