Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
wtap-int.h
Go to the documentation of this file.
1
9#ifndef __WTAP_INT_H__
10#define __WTAP_INT_H__
11
12#include "wtap.h"
13#include <time.h>
14
15#ifdef _WIN32
16#include <winsock2.h>
17#endif
18
19#include <wsutil/array.h>
20#include <wsutil/file_util.h>
21
22#include "wtap_opttypes.h"
23
24void wtap_init_file_type_subtypes(void);
25
26WS_DLL_PUBLIC
27int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err);
28
29typedef bool (*subtype_read_func)(struct wtap*, wtap_rec *,
30 Buffer *, int *, char **, int64_t *);
31typedef bool (*subtype_seek_read_func)(struct wtap*, int64_t, wtap_rec *,
32 Buffer *, int *, char **);
33
37struct wtap {
38 FILE_T fh;
40 bool ispipe;
41 int file_type_subtype;
42 unsigned snapshot_length;
43 GArray *shb_hdrs;
47 GArray *nrbs;
48 GArray *dsbs;
49 GArray *meta_events;
51 char *pathname;
53 void *priv; /* this one holds per-file state and is free'd automatically by wtap_close() */
54 void *wslua_data; /* this one holds wslua state info and is not free'd */
55
56 subtype_read_func subtype_read;
57 subtype_seek_read_func subtype_seek_read;
58 void (*subtype_sequential_close)(struct wtap*);
59 void (*subtype_close)(struct wtap*);
60 int file_encap; /* per-file, for those
61 * file formats that have
62 * per-file encapsulation
63 * types rather than per-packet
64 * encapsulation types
65 */
66 int file_tsprec; /* per-file timestamp precision
67 * of the fractional part of
68 * the time stamp, for those
69 * file formats that have
70 * per-file timestamp
71 * precision rather than
72 * per-packet timestamp
73 * precision
74 * e.g. WTAP_TSPREC_USEC
75 */
76 wtap_new_ipv4_callback_t add_new_ipv4;
77 wtap_new_ipv6_callback_t add_new_ipv6;
78 wtap_new_secrets_callback_t add_new_secrets;
79 GPtrArray *fast_seek;
80};
81
82struct wtap_dumper;
83
84/*
85 * This could either be a FILE * or a handle used by code that writes
86 * a compressed file.
87 */
88typedef void *WFILE_T;
89
90typedef bool (*subtype_add_idb_func)(struct wtap_dumper*, wtap_block_t,
91 int *, char **);
92
93typedef bool (*subtype_write_func)(struct wtap_dumper*,
94 const wtap_rec *rec,
95 const uint8_t*, int*, char**);
96typedef bool (*subtype_finish_func)(struct wtap_dumper*, int*, char**);
97
99 WFILE_T fh;
100 int file_type_subtype;
101 int snaplen;
102 int file_encap; /* per-file, for those
103 * file formats that have
104 * per-file encapsulation
105 * types rather than per-packet
106 * encapsulation types
107 */
108 wtap_compression_type compression_type;
109 bool needs_reload; /* true if the file requires re-loading after saving with wtap */
110 int64_t bytes_dumped;
111
112 void *priv; /* this one holds per-file state and is free'd automatically by wtap_dump_close() */
113 void *wslua_data; /* this one holds wslua state info and is not free'd */
114
115 subtype_add_idb_func subtype_add_idb; /* add an IDB, writing it as necessary */
116 subtype_write_func subtype_write; /* write out a record */
117 subtype_finish_func subtype_finish; /* write out information to finish writing file */
118
120 GArray *shb_hdrs;
121 const GArray *shb_iface_to_global;
123 GArray *dsbs_initial;
125 /*
126 * Additional blocks that might grow as data is being collected.
127 * Subtypes should write these blocks before writing new packet blocks.
128 */
129 const GArray *nrbs_growing;
130 const GArray *dsbs_growing;
131 const GArray *mevs_growing;
135};
136
137WS_DLL_PUBLIC bool wtap_dump_file_write(wtap_dumper *wdh, const void *buf,
138 size_t bufsize, int *err);
139WS_DLL_PUBLIC int64_t wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset, int whence, int *err);
140WS_DLL_PUBLIC int64_t wtap_dump_file_tell(wtap_dumper *wdh, int *err);
141
142extern int wtap_num_file_types;
143
144#include <wsutil/pint.h>
145
146/* Macros to byte-swap possibly-unaligned 64-bit, 32-bit and 16-bit quantities;
147 * they take a pointer to the quantity, and byte-swap it in place.
148 */
149#define PBSWAP64(p) \
150 { \
151 uint8_t tmp; \
152 tmp = (p)[7]; \
153 (p)[7] = (p)[0]; \
154 (p)[0] = tmp; \
155 tmp = (p)[6]; \
156 (p)[6] = (p)[1]; \
157 (p)[1] = tmp; \
158 tmp = (p)[5]; \
159 (p)[5] = (p)[2]; \
160 (p)[2] = tmp; \
161 tmp = (p)[4]; \
162 (p)[4] = (p)[3]; \
163 (p)[3] = tmp; \
164 }
165#define PBSWAP32(p) \
166 { \
167 uint8_t tmp; \
168 tmp = (p)[3]; \
169 (p)[3] = (p)[0]; \
170 (p)[0] = tmp; \
171 tmp = (p)[2]; \
172 (p)[2] = (p)[1]; \
173 (p)[1] = tmp; \
174 }
175#define PBSWAP16(p) \
176 { \
177 uint8_t tmp; \
178 tmp = (p)[1]; \
179 (p)[1] = (p)[0]; \
180 (p)[0] = tmp; \
181 }
182
183
184/* Pointer routines to put items out in a particular byte order.
185 * These will work regardless of the byte alignment of the pointer.
186 */
187
188#ifndef phtons
189#define phtons(p, v) \
190 { \
191 (p)[0] = (uint8_t)((v) >> 8); \
192 (p)[1] = (uint8_t)((v) >> 0); \
193 }
194#endif
195
196#ifndef phton24
197#define phton24(p, v) \
198 { \
199 (p)[0] = (uint8_t)((v) >> 16); \
200 (p)[1] = (uint8_t)((v) >> 8); \
201 (p)[2] = (uint8_t)((v) >> 0); \
202 }
203#endif
204
205#ifndef phtonl
206#define phtonl(p, v) \
207 { \
208 (p)[0] = (uint8_t)((v) >> 24); \
209 (p)[1] = (uint8_t)((v) >> 16); \
210 (p)[2] = (uint8_t)((v) >> 8); \
211 (p)[3] = (uint8_t)((v) >> 0); \
212 }
213#endif
214
215#ifndef phtonll
216#define phtonll(p, v) \
217 { \
218 (p)[0] = (uint8_t)((v) >> 56); \
219 (p)[1] = (uint8_t)((v) >> 48); \
220 (p)[2] = (uint8_t)((v) >> 40); \
221 (p)[3] = (uint8_t)((v) >> 32); \
222 (p)[4] = (uint8_t)((v) >> 24); \
223 (p)[5] = (uint8_t)((v) >> 16); \
224 (p)[6] = (uint8_t)((v) >> 8); \
225 (p)[7] = (uint8_t)((v) >> 0); \
226 }
227#endif
228
229#ifndef phtole8
230#define phtole8(p, v) \
231 { \
232 (p)[0] = (uint8_t)((v) >> 0); \
233 }
234#endif
235
236#ifndef phtoles
237#define phtoles(p, v) \
238 { \
239 (p)[0] = (uint8_t)((v) >> 0); \
240 (p)[1] = (uint8_t)((v) >> 8); \
241 }
242#endif
243
244#ifndef phtole24
245#define phtole24(p, v) \
246 { \
247 (p)[0] = (uint8_t)((v) >> 0); \
248 (p)[1] = (uint8_t)((v) >> 8); \
249 (p)[2] = (uint8_t)((v) >> 16); \
250 }
251#endif
252
253#ifndef phtolel
254#define phtolel(p, v) \
255 { \
256 (p)[0] = (uint8_t)((v) >> 0); \
257 (p)[1] = (uint8_t)((v) >> 8); \
258 (p)[2] = (uint8_t)((v) >> 16); \
259 (p)[3] = (uint8_t)((v) >> 24); \
260 }
261#endif
262
263#ifndef phtolell
264#define phtolell(p, v) \
265 { \
266 (p)[0] = (uint8_t)((v) >> 0); \
267 (p)[1] = (uint8_t)((v) >> 8); \
268 (p)[2] = (uint8_t)((v) >> 16); \
269 (p)[3] = (uint8_t)((v) >> 24); \
270 (p)[4] = (uint8_t)((v) >> 32); \
271 (p)[5] = (uint8_t)((v) >> 40); \
272 (p)[6] = (uint8_t)((v) >> 48); \
273 (p)[7] = (uint8_t)((v) >> 56); \
274 }
275#endif
276
277/*
278 * Read a given number of bytes from a file into a buffer or, if
279 * buf is NULL, just discard them.
280 *
281 * If we succeed, return true.
282 *
283 * If we get an EOF, return false with *err set to 0, reporting this
284 * as an EOF.
285 *
286 * If we get fewer bytes than the specified number, return false with
287 * *err set to WTAP_ERR_SHORT_READ, reporting this as a short read
288 * error.
289 *
290 * If we get a read error, return false with *err and *err_info set
291 * appropriately.
292 */
293WS_DLL_PUBLIC
294bool
295wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err,
296 char **err_info);
297
298/*
299 * Read a given number of bytes from a file into a buffer or, if
300 * buf is NULL, just discard them.
301 *
302 * If we succeed, return true.
303 *
304 * If we get fewer bytes than the specified number, including getting
305 * an EOF, return false with *err set to WTAP_ERR_SHORT_READ, reporting
306 * this as a short read error.
307 *
308 * If we get a read error, return false with *err and *err_info set
309 * appropriately.
310 */
311WS_DLL_PUBLIC
312bool
313wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err,
314 char **err_info);
315
316/*
317 * Read packet data into a Buffer, growing the buffer as necessary.
318 *
319 * This returns an error on a short read, even if the short read hit
320 * the EOF immediately. (The assumption is that each packet has a
321 * header followed by raw packet data, and that we've already read the
322 * header, so if we get an EOF trying to read the packet data, the file
323 * has been cut short, even if the read didn't read any data at all.)
324 */
325WS_DLL_PUBLIC
326bool
327wtap_read_packet_bytes(FILE_T fh, Buffer *buf, unsigned length, int *err,
328 char **err_info);
329
330/*
331 * Implementation of wth->subtype_read that reads the full file contents
332 * as a single packet.
333 */
334bool
335wtap_full_file_read(wtap *wth, wtap_rec *rec, Buffer *buf,
336 int *err, char **err_info, int64_t *data_offset);
337
338/*
339 * Implementation of wth->subtype_seek_read that reads the full file contents
340 * as a single packet.
341 */
342bool
343wtap_full_file_seek_read(wtap *wth, int64_t seek_off, wtap_rec *rec, Buffer *buf, int *err, char **err_info);
344
348void
350
354void
356
360void
362
363void
364wtap_register_compatibility_file_subtype_name(const char *old_name,
365 const char *new_name);
366
367void
368wtap_register_backwards_compatibility_lua_name(const char *name, int ft);
369
371 const char *name;
372 int ft;
373};
374
375WS_DLL_PUBLIC
376const GArray *get_backwards_compatibility_lua_table(void);
377
392
404WS_DLL_PUBLIC
406
420
433
445
446#endif /* __WTAP_INT_H__ */
447
448/*
449 * Editor modelines - https://www.wireshark.org/tools/modelines.html
450 *
451 * Local variables:
452 * c-basic-offset: 4
453 * tab-width: 8
454 * indent-tabs-mode: nil
455 * End:
456 *
457 * vi: set shiftwidth=4 tabstop=8 expandtab:
458 * :indentSize=4:tabSize=8:noTabs=true:
459 */
Definition buffer.h:22
Definition wtap.h:1526
Definition wtap-int.h:370
Definition pcapio.c:113
Definition wtap_opttypes.c:85
Definition wtap.h:1547
Definition wtap-int.h:98
unsigned nrbs_growing_written
Definition wtap-int.h:132
GArray * dsbs_initial
Definition wtap-int.h:123
GArray * interface_data
Definition wtap-int.h:122
const GArray * dsbs_growing
Definition wtap-int.h:130
const GArray * mevs_growing
Definition wtap-int.h:131
unsigned mevs_growing_written
Definition wtap-int.h:134
const GArray * shb_iface_to_global
Definition wtap-int.h:121
unsigned dsbs_growing_written
Definition wtap-int.h:133
addrinfo_lists_t * addrinfo_lists
Definition wtap-int.h:119
const GArray * nrbs_growing
Definition wtap-int.h:129
Definition file_wrappers.c:222
Definition wtap.h:1432
Definition wtap-int.h:37
GArray * interface_data
Definition wtap-int.h:45
bool ispipe
Definition wtap-int.h:40
GArray * shb_iface_to_global
Definition wtap-int.h:44
FILE_T random_fh
Definition wtap-int.h:39
unsigned next_interface_data
Definition wtap-int.h:46
GArray * nrbs
Definition wtap-int.h:47
char * pathname
Definition wtap-int.h:51
GArray * meta_events
Definition wtap-int.h:49
GArray * dsbs
Definition wtap-int.h:48
void wtapng_process_nrb(wtap *wth, wtap_block_t nrb)
Definition wtap.c:1669
void wtapng_process_dsb(wtap *wth, wtap_block_t dsb)
Definition wtap.c:1693
wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec)
Generate an IDB, given a packet record, using the records's encapsulation type and time stamp resolut...
Definition wtap.c:1903
GArray * wtap_file_get_shb_for_new_file(wtap *wth)
Gets new section header block for new file, based on existing info.
Definition wtap.c:150
wtap_block_t wtap_dump_params_generate_idb(const wtap_dump_params *params)
Generate an IDB, given a set of dump parameters, using the parameters' encapsulation type,...
Definition wtap.c:617
WS_DLL_PUBLIC void wtap_add_generated_idb(wtap *wth)
Generate an IDB, given a wiretap handle for the file, using the file's encapsulation type,...
Definition wtap.c:351
void wtap_add_idb(wtap *wth, wtap_block_t idb)
Definition wtap.c:275
GArray * wtap_file_get_nrb_for_new_file(wtap *wth)
Gets new name resolution info for new file, based on existing info.
Definition wtap.c:521
void(* wtap_new_secrets_callback_t)(uint32_t secrets_type, const void *secrets, unsigned size)
Definition wtap.h:1911
void(* wtap_new_ipv4_callback_t)(const unsigned addr, const char *name, const bool static_entry)
Definition wtap.h:1899