static void exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data) { char *tmpname, *capfile_name; int err; /* pcapng defs */ wtap_optionblock_t shb_hdr; wtapng_iface_descriptions_t *idb_inf; wtap_optionblock_t int_data; wtapng_if_descr_mandatory_t *int_data_mand; GString *os_info_str; gchar *opt_comment, *wireshark_ver; /* Create data for SHB */ os_info_str = g_string_new(""); get_os_version_info(os_info_str); shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION); /* options */ opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename); wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment); g_free(opt_comment); /* * UTF-8 string containing the name of the operating system used to create * this section. */ wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE)); /* * UTF-8 string containing the name of the application used to create * this section. */ wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info()); wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver); g_free(wireshark_ver); /* Create fake IDB info */ idb_inf = g_new(wtapng_iface_descriptions_t,1); idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t)); /* create the fake interface data */ int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR); int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data); int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU; int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */ int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU); int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE; wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export"); wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9); g_array_append_val(idb_inf->interface_data, int_data); /* Use a random name for the temporary import buffer */ exp_pdu_tap_data->wdh = wtap_dump_open_tempfile_ng(&tmpname, "Wireshark_PDU_", WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, NULL, &err); capfile_name = g_strdup(tmpname); if (exp_pdu_tap_data->wdh == NULL) { open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE); goto end; } /* Run the tap */ cf_retap_packets(&cfile); if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) { write_failure_alert_box(capfile_name, err); } remove_tap_listener(exp_pdu_tap_data); /* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */ if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) { open_failure_alert_box(capfile_name, err, FALSE); goto end; } switch (cf_read(&cfile, FALSE)) { case CF_READ_OK: case CF_READ_ERROR: /* Just because we got an error, that doesn't mean we were unable to read any of the file; we handle what we could get from the file. */ break; case CF_READ_ABORTED: /* The user bailed out of re-reading the capture file; the capture file has been closed - just free the capture file name string and return (without changing the last containing directory). */ break; } end: g_free(capfile_name); wtap_optionblock_free(shb_hdr); wtap_free_idb_info(idb_inf); }
/* * Merges the files based on given input, and invokes callback during * execution. Returns MERGE_OK on success, or a MERGE_ERR_XXX on failure; note * that the passed-in 'err' variable will be more specific to what failed, and * err_info will have pretty output. */ merge_result merge_files(int out_fd, const gchar* out_filename, const int file_type, const char *const *in_filenames, const guint in_file_count, const gboolean do_append, const idb_merge_mode mode, guint snaplen, const gchar *app_name, merge_progress_callback_t* cb, int *err, gchar **err_info, guint *err_fileno) { merge_in_file_t *in_files = NULL, *in_file = NULL; int frame_type = WTAP_ENCAP_PER_PACKET; merge_result status = MERGE_OK; wtap_dumper *pdh; struct wtap_pkthdr *phdr, snap_phdr; int count = 0; gboolean stop_flag = FALSE; wtap_optionblock_t shb_hdr = NULL; wtapng_iface_descriptions_t *idb_inf = NULL; g_assert(out_fd > 0); g_assert(in_file_count > 0); g_assert(in_filenames != NULL); g_assert(err != NULL); g_assert(err_info != NULL); g_assert(err_fileno != NULL); /* if a callback was given, it has to have a callback function ptr */ g_assert((cb != NULL) ? (cb->callback_func != NULL) : TRUE); merge_debug("merge_files: begin"); /* open the input files */ if (!merge_open_in_files(in_file_count, in_filenames, &in_files, err, err_info, err_fileno)) { merge_debug("merge_files: merge_open_in_files() failed with err=%d", *err); return MERGE_ERR_CANT_OPEN_INFILE; } if (cb) cb->callback_func(MERGE_EVENT_INPUT_FILES_OPENED, 0, in_files, in_file_count, cb->data); if (snaplen == 0) { /* Snapshot length not specified - default to the maximum. */ snaplen = WTAP_MAX_PACKET_SIZE; } /* * This doesn't tell us that much. It tells us what to set the outfile's * encap type to, but that's all - for example, it does *not* tells us * whether the input files had the same number of IDBs, for the same exact * interfaces, and only one IDB each, so it doesn't actually tell us * whether we can merge IDBs into one or not. */ frame_type = merge_select_frame_type(in_file_count, in_files); merge_debug("merge_files: got frame_type=%d", frame_type); if (cb) cb->callback_func(MERGE_EVENT_FRAME_TYPE_SELECTED, frame_type, in_files, in_file_count, cb->data); /* prepare the outfile */ if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) { shb_hdr = create_shb_header(in_files, in_file_count, app_name); merge_debug("merge_files: SHB created"); idb_inf = generate_merged_idb(in_files, in_file_count, mode); merge_debug("merge_files: IDB merge operation complete, got %u IDBs", idb_inf ? idb_inf->interface_data->len : 0); pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, shb_hdr, idb_inf, NULL, err); } else { pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, err); } if (pdh == NULL) { merge_close_in_files(in_file_count, in_files); g_free(in_files); wtap_optionblock_free(shb_hdr); wtap_free_idb_info(idb_inf); return MERGE_ERR_CANT_OPEN_OUTFILE; } if (cb) cb->callback_func(MERGE_EVENT_READY_TO_MERGE, 0, in_files, in_file_count, cb->data); for (;;) { *err = 0; if (do_append) { in_file = merge_append_read_packet(in_file_count, in_files, err, err_info); } else { in_file = merge_read_packet(in_file_count, in_files, err, err_info); } if (in_file == NULL) { /* EOF */ break; } if (*err != 0) { /* I/O error reading from in_file */ status = MERGE_ERR_CANT_READ_INFILE; break; } count++; if (cb) stop_flag = cb->callback_func(MERGE_EVENT_PACKET_WAS_READ, count, in_files, in_file_count, cb->data); if (stop_flag) { /* The user decided to abort the merge. */ status = MERGE_USER_ABORTED; break; } phdr = wtap_phdr(in_file->wth); if (snaplen != 0 && phdr->caplen > snaplen) { /* * The dumper will only write up to caplen bytes out, so we only * need to change that value, instead of cloning the whole packet * with fewer bytes. * * XXX: but do we need to change the IDBs' snap_len? */ snap_phdr = *phdr; snap_phdr.caplen = snaplen; phdr = &snap_phdr; } if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) { if (!map_phdr_interface_id(phdr, in_file)) { status = MERGE_ERR_BAD_PHDR_INTERFACE_ID; break; } } if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), err, err_info)) { status = MERGE_ERR_CANT_WRITE_OUTFILE; break; } } if (cb) cb->callback_func(MERGE_EVENT_DONE, count, in_files, in_file_count, cb->data); merge_close_in_files(in_file_count, in_files); if (status == MERGE_OK || status == MERGE_USER_ABORTED) { if (!wtap_dump_close(pdh, err)) status = MERGE_ERR_CANT_CLOSE_OUTFILE; } else { /* * We already got some error; no need to report another error on * close. * * Don't overwrite the earlier error. */ int close_err = 0; (void)wtap_dump_close(pdh, &close_err); } if (status != MERGE_OK) { GString *err_message = NULL; gchar *display_basename = NULL; switch(status) { case MERGE_ERR_CANT_READ_INFILE: *err_info = get_read_error_string(in_files, in_file_count, err, err_info); break; case MERGE_ERR_CANT_WRITE_OUTFILE: /* fall through */ case MERGE_ERR_CANT_CLOSE_OUTFILE: *err_info = get_write_error_string(in_file, file_type, out_filename, err, err_info); break; case MERGE_ERR_BAD_PHDR_INTERFACE_ID: display_basename = g_filename_display_basename(in_file ? in_file->filename : "UNKNOWN"); if (*err_info != NULL) g_free(*err_info); err_message = g_string_new(""); g_string_printf(err_message, "Record %u of \"%s\" has an interface ID which does not match any IDB in its file.", in_file ? in_file->packet_num : 0, display_basename); g_free(display_basename); *err_info = g_string_free(err_message, FALSE); break; case MERGE_USER_ABORTED: /* not really an error */ default: break; } } g_free(in_files); wtap_optionblock_free(shb_hdr); wtap_free_idb_info(idb_inf); return status; }