void
wtap_close(wtap *wth)
{
wtap_sequential_close(wth);
if (wth->subtype_close != NULL)
(*wth->subtype_close)(wth);
if (wth->random_fh != NULL)
file_close(wth->random_fh);
g_free(wth->priv);
if (wth->fast_seek != NULL) {
g_ptr_array_foreach(wth->fast_seek, g_fast_seek_item_free, NULL);
g_ptr_array_free(wth->fast_seek, TRUE);
}
wtap_block_array_free(wth->shb_hdrs);
wtap_block_array_free(wth->nrb_hdrs);
wtap_block_array_free(wth->interface_data);
wtap_block_array_free(wth->dsbs);
g_free(wth);
}
void
wtap_dump_params_cleanup(wtap_dump_params *params)
{
wtap_block_array_free(params->shb_hdrs);
/* params->idb_inf is currently expected to be freed by the caller. */
wtap_block_array_free(params->nrb_hdrs);
memset(params, 0, sizeof(*params));
}
void
wtap_free_idb_info(wtapng_iface_descriptions_t *idb_info)
{
if (idb_info == NULL)
return;
wtap_block_array_free(idb_info->interface_data);
g_free(idb_info);
}
/*
* Merges the files based on given input, and invokes callback during
* execution. Returns MERGE_OK on success, or a MERGE_ERR_XXX on failure; note
* that the passed-in 'err' variable will be more specific to what failed, and
* err_info will have pretty output.
*/
merge_result
merge_files(int out_fd, const gchar* out_filename, const int file_type,
const char *const *in_filenames, const guint in_file_count,
const gboolean do_append, const idb_merge_mode mode,
guint snaplen, const gchar *app_name, merge_progress_callback_t* cb,
int *err, gchar **err_info, guint *err_fileno)
{
merge_in_file_t *in_files = NULL, *in_file = NULL;
int frame_type = WTAP_ENCAP_PER_PACKET;
merge_result status = MERGE_OK;
wtap_dumper *pdh;
struct wtap_pkthdr *phdr, snap_phdr;
int count = 0;
gboolean stop_flag = FALSE;
GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
g_assert(out_fd > 0);
g_assert(in_file_count > 0);
g_assert(in_filenames != NULL);
g_assert(err != NULL);
g_assert(err_info != NULL);
g_assert(err_fileno != NULL);
/* if a callback was given, it has to have a callback function ptr */
g_assert((cb != NULL) ? (cb->callback_func != NULL) : TRUE);
merge_debug("merge_files: begin");
/* open the input files */
if (!merge_open_in_files(in_file_count, in_filenames, &in_files,
err, err_info, err_fileno)) {
merge_debug("merge_files: merge_open_in_files() failed with err=%d", *err);
return MERGE_ERR_CANT_OPEN_INFILE;
}
if (cb)
cb->callback_func(MERGE_EVENT_INPUT_FILES_OPENED, 0, in_files, in_file_count, cb->data);
if (snaplen == 0) {
/* Snapshot length not specified - default to the maximum. */
snaplen = WTAP_MAX_PACKET_SIZE;
}
/*
* This doesn't tell us that much. It tells us what to set the outfile's
* encap type to, but that's all - for example, it does *not* tells us
* whether the input files had the same number of IDBs, for the same exact
* interfaces, and only one IDB each, so it doesn't actually tell us
* whether we can merge IDBs into one or not.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
merge_debug("merge_files: got frame_type=%d", frame_type);
if (cb)
cb->callback_func(MERGE_EVENT_FRAME_TYPE_SELECTED, frame_type, in_files, in_file_count, cb->data);
/* prepare the outfile */
if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) {
shb_hdrs = create_shb_header(in_files, in_file_count, app_name);
merge_debug("merge_files: SHB created");
idb_inf = generate_merged_idb(in_files, in_file_count, mode);
merge_debug("merge_files: IDB merge operation complete, got %u IDBs", idb_inf ? idb_inf->interface_data->len : 0);
pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdrs, idb_inf,
NULL, err);
}
else {
pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
return MERGE_ERR_CANT_OPEN_OUTFILE;
}
if (cb)
cb->callback_func(MERGE_EVENT_READY_TO_MERGE, 0, in_files, in_file_count, cb->data);
for (;;) {
*err = 0;
if (do_append) {
in_file = merge_append_read_packet(in_file_count, in_files, err,
err_info);
}
else {
in_file = merge_read_packet(in_file_count, in_files, err,
err_info);
}
if (in_file == NULL) {
/* EOF */
break;
}
if (*err != 0) {
/* I/O error reading from in_file */
status = MERGE_ERR_CANT_READ_INFILE;
break;
}
count++;
if (cb)
stop_flag = cb->callback_func(MERGE_EVENT_PACKET_WAS_READ, count, in_files, in_file_count, cb->data);
if (stop_flag) {
/* The user decided to abort the merge. */
status = MERGE_USER_ABORTED;
break;
}
phdr = wtap_phdr(in_file->wth);
if (snaplen != 0 && phdr->caplen > snaplen) {
/*
* The dumper will only write up to caplen bytes out, so we only
* need to change that value, instead of cloning the whole packet
* with fewer bytes.
*
* XXX: but do we need to change the IDBs' snap_len?
*/
snap_phdr = *phdr;
snap_phdr.caplen = snaplen;
phdr = &snap_phdr;
}
if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) {
/*
* XXX - We should do this only for record types
* that pertain to a particular interface; for
* now, we hardcode that, but we need to figure
* out a more general way to handle this.
*/
if (phdr->rec_type == REC_TYPE_PACKET) {
if (!map_phdr_interface_id(phdr, in_file)) {
status = MERGE_ERR_BAD_PHDR_INTERFACE_ID;
break;
}
}
}
if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), err, err_info)) {
status = MERGE_ERR_CANT_WRITE_OUTFILE;
break;
}
}
if (cb)
cb->callback_func(MERGE_EVENT_DONE, count, in_files, in_file_count, cb->data);
merge_close_in_files(in_file_count, in_files);
if (status == MERGE_OK || status == MERGE_USER_ABORTED) {
if (!wtap_dump_close(pdh, err))
status = MERGE_ERR_CANT_CLOSE_OUTFILE;
} else {
/*
* We already got some error; no need to report another error on
* close.
*
* Don't overwrite the earlier error.
*/
int close_err = 0;
(void)wtap_dump_close(pdh, &close_err);
}
if (status != MERGE_OK) {
GString *err_message = NULL;
gchar *display_basename = NULL;
switch(status) {
case MERGE_ERR_CANT_READ_INFILE:
*err_info = get_read_error_string(in_files, in_file_count, err, err_info);
break;
case MERGE_ERR_CANT_WRITE_OUTFILE: /* fall through */
case MERGE_ERR_CANT_CLOSE_OUTFILE:
*err_info = get_write_error_string(in_file, file_type, out_filename, err, err_info);
break;
case MERGE_ERR_BAD_PHDR_INTERFACE_ID:
display_basename = g_filename_display_basename(in_file ? in_file->filename : "UNKNOWN");
if (*err_info != NULL)
g_free(*err_info);
err_message = g_string_new("");
g_string_printf(err_message,
"Record %u of \"%s\" has an interface ID which does not match any IDB in its file.",
in_file ? in_file->packet_num : 0, display_basename);
g_free(display_basename);
*err_info = g_string_free(err_message, FALSE);
break;
case MERGE_USER_ABORTED: /* not really an error */
default:
break;
}
}
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
return status;
}
/*
* Merges the files to an output file whose name is supplied as an argument,
* based on given input, and invokes callback during execution. Returns
* MERGE_OK on success, or a MERGE_ERR_XXX on failure.
*/
merge_result
merge_files(const gchar* out_filename, const int file_type,
const char *const *in_filenames, const guint in_file_count,
const gboolean do_append, const idb_merge_mode mode,
guint snaplen, const gchar *app_name, merge_progress_callback_t* cb,
int *err, gchar **err_info, guint *err_fileno,
guint32 *err_framenum)
{
merge_in_file_t *in_files = NULL;
int frame_type = WTAP_ENCAP_PER_PACKET;
merge_result status = MERGE_OK;
wtap_dumper *pdh;
GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
g_assert(out_filename != NULL);
g_assert(in_file_count > 0);
g_assert(in_filenames != NULL);
g_assert(err != NULL);
g_assert(err_info != NULL);
g_assert(err_fileno != NULL);
g_assert(err_framenum != NULL);
/* if a callback was given, it has to have a callback function ptr */
g_assert((cb != NULL) ? (cb->callback_func != NULL) : TRUE);
merge_debug("merge_files: begin");
/* open the input files */
if (!merge_open_in_files(in_file_count, in_filenames, &in_files, cb,
err, err_info, err_fileno)) {
merge_debug("merge_files: merge_open_in_files() failed with err=%d", *err);
*err_framenum = 0;
return MERGE_ERR_CANT_OPEN_INFILE;
}
if (snaplen == 0) {
/* Snapshot length not specified - default to the maximum. */
snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
}
/*
* This doesn't tell us that much. It tells us what to set the outfile's
* encap type to, but that's all - for example, it does *not* tells us
* whether the input files had the same number of IDBs, for the same exact
* interfaces, and only one IDB each, so it doesn't actually tell us
* whether we can merge IDBs into one or not.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
merge_debug("merge_files: got frame_type=%d", frame_type);
if (cb)
cb->callback_func(MERGE_EVENT_FRAME_TYPE_SELECTED, frame_type, in_files, in_file_count, cb->data);
/* prepare the outfile */
if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) {
shb_hdrs = create_shb_header(in_files, in_file_count, app_name);
merge_debug("merge_files: SHB created");
idb_inf = generate_merged_idb(in_files, in_file_count, mode);
merge_debug("merge_files: IDB merge operation complete, got %u IDBs", idb_inf ? idb_inf->interface_data->len : 0);
pdh = wtap_dump_open_ng(out_filename, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdrs, idb_inf,
NULL, err);
}
else {
pdh = wtap_dump_open(out_filename, file_type, frame_type, snaplen,
FALSE /* compressed */, err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
*err_framenum = 0;
return MERGE_ERR_CANT_OPEN_OUTFILE;
}
if (cb)
cb->callback_func(MERGE_EVENT_READY_TO_MERGE, 0, in_files, in_file_count, cb->data);
status = merge_process_packets(pdh, file_type, in_files, in_file_count,
do_append, snaplen, cb, err, err_info,
err_fileno, err_framenum);
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
return status;
}
int
main(int argc, char *argv[])
{
GString *comp_info_str;
GString *runtime_info_str;
char *init_progfile_dir_error;
wtap *wth = NULL;
wtap_dumper *pdh = NULL;
wtap_rec dump_rec;
Buffer buf;
int err;
gchar *err_info;
gint64 data_offset;
const wtap_rec *rec;
guint wrong_order_count = 0;
gboolean write_output_regardless = TRUE;
guint i;
GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
GArray *nrb_hdrs = NULL;
int ret = EXIT_SUCCESS;
GPtrArray *frames;
FrameRecord_t *prevFrame = NULL;
int opt;
static const struct option long_options[] = {
{"help", no_argument, NULL, 'h'},
{"version", no_argument, NULL, 'v'},
{0, 0, 0, 0 }
};
int file_count;
char *infile;
const char *outfile;
cmdarg_err_init(failure_warning_message, failure_message_cont);
/* Get the compile-time version information string */
comp_info_str = get_compiled_version_info(NULL, NULL);
/* Get the run-time version information string */
runtime_info_str = get_runtime_version_info(NULL);
/* Add it to the information to be reported on a crash. */
ws_add_crash_info("Reordercap (Wireshark) %s\n"
"\n"
"%s"
"\n"
"%s",
get_ws_vcs_version_info(), comp_info_str->str, runtime_info_str->str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
/*
* Get credential information for later use.
*/
init_process_policies();
/*
* Attempt to get the pathname of the directory containing the
* executable file.
*/
init_progfile_dir_error = init_progfile_dir(argv[0]);
if (init_progfile_dir_error != NULL) {
fprintf(stderr,
"reordercap: Can't get pathname of directory containing the reordercap program: %s.\n",
init_progfile_dir_error);
g_free(init_progfile_dir_error);
}
init_report_message(failure_warning_message, failure_warning_message,
NULL, NULL, NULL);
wtap_init(TRUE);
/* Process the options first */
while ((opt = getopt_long(argc, argv, "hnv", long_options, NULL)) != -1) {
switch (opt) {
case 'n':
write_output_regardless = FALSE;
break;
case 'h':
printf("Reordercap (Wireshark) %s\n"
"Reorder timestamps of input file frames into output file.\n"
"See https://www.wireshark.org for more information.\n",
get_ws_vcs_version_info());
print_usage(stdout);
goto clean_exit;
case 'v':
comp_info_str = get_compiled_version_info(NULL, NULL);
runtime_info_str = get_runtime_version_info(NULL);
show_version("Reordercap (Wireshark)", comp_info_str, runtime_info_str);
g_string_free(comp_info_str, TRUE);
g_string_free(runtime_info_str, TRUE);
goto clean_exit;
case '?':
print_usage(stderr);
ret = INVALID_OPTION;
goto clean_exit;
}
}
/* Remaining args are file names */
file_count = argc - optind;
if (file_count == 2) {
infile = argv[optind];
outfile = argv[optind+1];
}
else {
print_usage(stderr);
ret = INVALID_OPTION;
goto clean_exit;
}
/* Open infile */
/* TODO: if reordercap is ever changed to give the user a choice of which
open_routine reader to use, then the following needs to change. */
wth = wtap_open_offline(infile, WTAP_TYPE_AUTO, &err, &err_info, TRUE);
if (wth == NULL) {
cfile_open_failure_message("reordercap", infile, err, err_info);
ret = OPEN_ERROR;
goto clean_exit;
}
DEBUG_PRINT("file_type_subtype is %d\n", wtap_file_type_subtype(wth));
shb_hdrs = wtap_file_get_shb_for_new_file(wth);
idb_inf = wtap_file_get_idb_info(wth);
nrb_hdrs = wtap_file_get_nrb_for_new_file(wth);
/* Open outfile (same filetype/encap as input file) */
if (strcmp(outfile, "-") == 0) {
pdh = wtap_dump_open_stdout_ng(wtap_file_type_subtype(wth), wtap_file_encap(wth),
wtap_snapshot_length(wth), FALSE, shb_hdrs, idb_inf, nrb_hdrs, &err);
} else {
pdh = wtap_dump_open_ng(outfile, wtap_file_type_subtype(wth), wtap_file_encap(wth),
wtap_snapshot_length(wth), FALSE, shb_hdrs, idb_inf, nrb_hdrs, &err);
}
g_free(idb_inf);
idb_inf = NULL;
if (pdh == NULL) {
cfile_dump_open_failure_message("reordercap", outfile, err,
wtap_file_type_subtype(wth));
wtap_block_array_free(shb_hdrs);
wtap_block_array_free(nrb_hdrs);
ret = OUTPUT_FILE_ERROR;
goto clean_exit;
}
/* Allocate the array of frame pointers. */
frames = g_ptr_array_new();
/* Read each frame from infile */
while (wtap_read(wth, &err, &err_info, &data_offset)) {
FrameRecord_t *newFrameRecord;
rec = wtap_get_rec(wth);
newFrameRecord = g_slice_new(FrameRecord_t);
newFrameRecord->num = frames->len + 1;
newFrameRecord->offset = data_offset;
if (rec->presence_flags & WTAP_HAS_TS) {
newFrameRecord->frame_time = rec->ts;
} else {
nstime_set_unset(&newFrameRecord->frame_time);
}
if (prevFrame && frames_compare(&newFrameRecord, &prevFrame) < 0) {
wrong_order_count++;
}
g_ptr_array_add(frames, newFrameRecord);
prevFrame = newFrameRecord;
}
if (err != 0) {
/* Print a message noting that the read failed somewhere along the line. */
cfile_read_failure_message("reordercap", infile, err, err_info);
}
printf("%u frames, %u out of order\n", frames->len, wrong_order_count);
/* Sort the frames */
if (wrong_order_count > 0) {
g_ptr_array_sort(frames, frames_compare);
}
/* Write out each sorted frame in turn */
wtap_rec_init(&dump_rec);
ws_buffer_init(&buf, 1500);
for (i = 0; i < frames->len; i++) {
FrameRecord_t *frame = (FrameRecord_t *)frames->pdata[i];
/* Avoid writing if already sorted and configured to */
if (write_output_regardless || (wrong_order_count > 0)) {
frame_write(frame, wth, pdh, &dump_rec, &buf, infile, outfile);
}
g_slice_free(FrameRecord_t, frame);
}
wtap_rec_cleanup(&dump_rec);
ws_buffer_free(&buf);
if (!write_output_regardless && (wrong_order_count == 0)) {
printf("Not writing output file because input file is already in order.\n");
}
/* Free the whole array */
g_ptr_array_free(frames, TRUE);
/* Close outfile */
if (!wtap_dump_close(pdh, &err)) {
cfile_close_failure_message(outfile, err);
wtap_block_array_free(shb_hdrs);
wtap_block_array_free(nrb_hdrs);
ret = OUTPUT_FILE_ERROR;
goto clean_exit;
}
wtap_block_array_free(shb_hdrs);
wtap_block_array_free(nrb_hdrs);
/* Finally, close infile and release resources. */
wtap_close(wth);
clean_exit:
wtap_cleanup();
free_progdirs();
return ret;
}
