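/* XXX - might be better to fill all interfaces into our database at startup instead of searching each time */
/*
 * Look up the registered name of an interface UUID in the Windows registry.
 *
 * Reads the default value of
 * HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{<uuid>} and copies it,
 * converted with utf_16to8(), into uuid_name.
 *
 * if_id              the interface UUID to look up
 * uuid_name          output buffer for the name
 * uuid_name_max_len  size of uuid_name in bytes; values below 2 are rejected
 *
 * Returns the length of the string written to uuid_name, or 0 if nothing was
 * found.  When 0 is returned the contents of uuid_name must not be used.
 *
 * The registry value is treated as untrusted data: its type is checked and
 * the buffer is explicitly NUL-terminated before it is read as a string,
 * because RegQueryValueEx() returns string data exactly as it was stored,
 * which may be without a terminator.
 */
int ResolveWin32UUID(e_guid_t if_id, char *uuid_name, int uuid_name_max_len)
{
    TCHAR *reg_uuid_name;
    TCHAR *reg_uuid_str;
    HKEY hKey = NULL;
    DWORD reg_type = 0;
    /* Size handed to RegQueryValueEx() is in BYTES; the buffer itself holds
     * MAX_PATH TCHARs, so this is deliberately smaller than the allocation. */
    DWORD uuid_max_size = MAX_PATH;
    int name_len = 0;

    /* Reject unusable output buffers before doing any work. */
    if (uuid_name_max_len < 2) {
        return 0;
    }

    reg_uuid_name = ep_alloc(MAX_PATH*sizeof(TCHAR));
    reg_uuid_str = ep_alloc(MAX_PATH*sizeof(TCHAR));
    reg_uuid_name[0] = '\0';

    _snwprintf(reg_uuid_str, MAX_PATH, _T("SOFTWARE\\Classes\\Interface\\{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}"),
               if_id.data1, if_id.data2, if_id.data3,
               if_id.data4[0], if_id.data4[1],
               if_id.data4[2], if_id.data4[3],
               if_id.data4[4], if_id.data4[5],
               if_id.data4[6], if_id.data4[7]);
    /* _snwprintf() does not terminate the buffer when the output is truncated. */
    reg_uuid_str[MAX_PATH - 1] = _T('\0');

    if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, reg_uuid_str, 0, KEY_QUERY_VALUE, &hKey) != ERROR_SUCCESS) {
        return 0; /* we didn't find anything anyhow. Please don't use the string! */
    }

    if (RegQueryValueEx(hKey, NULL, NULL, &reg_type, (LPBYTE)reg_uuid_name, &uuid_max_size) == ERROR_SUCCESS
        && (reg_type == REG_SZ || reg_type == REG_EXPAND_SZ)
        && uuid_max_size <= MAX_PATH) {
        /*
         * uuid_max_size now holds the number of bytes stored.  It is at most
         * MAX_PATH bytes, so this index is always inside the MAX_PATH-TCHAR
         * buffer.  Without this, an unterminated value would make
         * utf_16to8() read past the data into uninitialized memory.
         */
        reg_uuid_name[uuid_max_size / sizeof(TCHAR)] = _T('\0');

        g_snprintf(uuid_name, uuid_name_max_len, "%s", utf_16to8(reg_uuid_name));
        name_len = (int) strlen(uuid_name);
    }

    /* Single close for every path that opened the key. */
    RegCloseKey(hKey);

    return name_len; /* 0: we didn't find anything anyhow. Please don't use the string! */
}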
/*
 * Get the OS version, and append it to the GString
 *
 * The text appended depends on the build:
 *  - _WIN32: a product name derived from GetVersionEx() and the processor
 *    architecture, followed by the service-pack string (if any) and the
 *    build number;
 *  - HAVE_SYS_UTSNAME_H: fields returned by uname();
 *  - otherwise: the fixed string "an unknown OS".
 *
 * Nothing is returned; failures are reported by appending a message to str.
 *
 * NOTE(review): the result is descriptive only.  On Windows, GetVersionEx()
 * is documented to report version 6.2 to applications that lack a
 * compatibility manifest for later releases, so the string should not be
 * relied on for security decisions or exact fingerprinting.
 */
void get_os_version_info(GString *str)
{
#if defined(_WIN32)
	OSVERSIONINFOEX info;
	SYSTEM_INFO system_info;
	nativesi_func_ptr nativesi_func;
#elif defined(HAVE_SYS_UTSNAME_H)
	struct utsname name;
#endif

#if defined(_WIN32)
	/*
	 * See
	 *
	 * http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/getting_the_system_version.asp
	 *
	 * for more than you ever wanted to know about determining the
	 * flavor of Windows on which you're running.  Implementing more
	 * of that is left as an exercise to the reader - who should
	 * check any copyright information about code samples on MSDN
	 * before cutting and pasting into Wireshark.
	 *
	 * They should also note that you need an OSVERSIONINFOEX structure
	 * to get some of that information, and that not only is that
	 * structure not supported on older versions of Windows, you might
	 * not even be able to compile code that *uses* that structure with
	 * older versions of the SDK.
	 */

	/* The structure is zeroed and its size field set before the call. */
	memset(&info, '\0', sizeof info);
	info.dwOSVersionInfoSize = sizeof info;
	if (!GetVersionEx((OSVERSIONINFO *)&info)) {
		/*
		 * XXX - get the failure reason.
		 */
		g_string_append(str, "unknown Windows version");
		return;
	}

	memset(&system_info, '\0', sizeof system_info);
	/* Look for and use the GetNativeSystemInfo() function if available to get the correct processor
	 * architecture even when running 32-bit Wireshark in WOW64 (x86 emulation on 64-bit Windows) */
	/* GetModuleHandle() only returns a handle to a module that is already
	 * loaded in this process; no library is loaded by name here. */
	nativesi_func = (nativesi_func_ptr)GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "GetNativeSystemInfo");
	if(nativesi_func)
		nativesi_func(&system_info);
	else
		GetSystemInfo(&system_info);

	/* Map platform id, then major version, then minor version to a name. */
	switch (info.dwPlatformId) {

	case VER_PLATFORM_WIN32s:
		/* Shyeah, right. */
		g_string_append_printf(str, "Windows 3.1 with Win32s");
		break;

	case VER_PLATFORM_WIN32_WINDOWS:
		/* Windows OT */
		switch (info.dwMajorVersion) {

		case 4:
			/* 3 cheers for Microsoft marketing! */
			switch (info.dwMinorVersion) {

			case 0:
				g_string_append_printf(str, "Windows 95");
				break;

			case 10:
				g_string_append_printf(str, "Windows 98");
				break;

			case 90:
				g_string_append_printf(str, "Windows Me");
				break;

			default:
				g_string_append_printf(str, "Windows OT, unknown version %lu.%lu",
				    info.dwMajorVersion, info.dwMinorVersion);
				break;
			}
			break;

		default:
			g_string_append_printf(str, "Windows OT, unknown version %lu.%lu",
			    info.dwMajorVersion, info.dwMinorVersion);
			break;
		}
		break;

	case VER_PLATFORM_WIN32_NT:
		/* Windows NT */
		switch (info.dwMajorVersion) {

		case 3:
		case 4:
			g_string_append_printf(str, "Windows NT %lu.%lu",
			    info.dwMajorVersion, info.dwMinorVersion);
			break;

		case 5:
			/* 3 cheers for Microsoft marketing! */
			switch (info.dwMinorVersion) {

			case 0:
				g_string_append_printf(str, "Windows 2000");
				break;

			case 1:
				g_string_append_printf(str, "Windows XP");
				break;

			case 2:
				/* 5.2 is shared by two products; the product type
				 * and processor architecture tell them apart. */
				if ((info.wProductType == VER_NT_WORKSTATION) &&
				    (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64)) {
					g_string_append_printf(str, "Windows XP Professional x64 Edition");
				} else {
					g_string_append_printf(str, "Windows Server 2003");
					if (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64)
						g_string_append_printf(str, " x64 Edition");
				}
				break;

			default:
				g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
				    info.dwMajorVersion, info.dwMinorVersion);
				break;
			}
			break;

		case 6: {
			gboolean is_nt_workstation;

			/* Only AMD64 and x86 get a width prefix; any other
			 * architecture value appends nothing here. */
			if (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64)
				g_string_append(str, "64-bit ");
			else if (system_info.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_INTEL)
				g_string_append(str, "32-bit ");
			/* NOTE(review): VER_NT_WORKSTATION is already used unconditionally
			 * in the "case 5" branch above, so the fallback definition below
			 * looks unreachable in a build that compiles - confirm. */
#ifndef VER_NT_WORKSTATION
#define VER_NT_WORKSTATION 0x01
			is_nt_workstation = ((info.wReserved[1] & 0xff) == VER_NT_WORKSTATION);
#else
			is_nt_workstation = (info.wProductType == VER_NT_WORKSTATION);
#endif
			/* The format argument below is always one of two string
			 * literals without conversion specifiers. */
			switch (info.dwMinorVersion) {
			case 0:
				g_string_append_printf(str, is_nt_workstation ? "Windows Vista" : "Windows Server 2008");
				break;
			case 1:
				g_string_append_printf(str, is_nt_workstation ? "Windows 7" : "Windows Server 2008 R2");
				break;
			case 2:
				g_string_append_printf(str, is_nt_workstation ? "Windows 8" : "Windows Server 2012");
				break;
			case 3:
				g_string_append_printf(str, is_nt_workstation ? "Windows 8.1" : "Windows Server 2012 R2");
				break;
			case 4:
				g_string_append_printf(str, is_nt_workstation ? "Windows 10" : "Windows Server 10");
				break;
			default:
				g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
				    info.dwMajorVersion, info.dwMinorVersion);
				break;
			}
			break;
		}  /* case 6 */

		/* Any major version other than 3, 4, 5 or 6 ends up here. */
		default:
			g_string_append_printf(str, "Windows NT, unknown version %lu.%lu",
			    info.dwMajorVersion, info.dwMinorVersion);
			break;
		} /* info.dwMajorVersion */
		break;

	default:
		g_string_append_printf(str, "Unknown Windows platform %lu version %lu.%lu",
		    info.dwPlatformId, info.dwMajorVersion, info.dwMinorVersion);
		break;
	}
	/* NOTE(review): szCSDVersion is passed to utf_16to8(), which presumably
	 * requires a UNICODE build where the field is UTF-16 - confirm. */
	if (info.szCSDVersion[0] != '\0')
		g_string_append_printf(str, " %s", utf_16to8(info.szCSDVersion));
	g_string_append_printf(str, ", build %lu", info.dwBuildNumber);
#elif defined(HAVE_SYS_UTSNAME_H)
	/*
	 * We have <sys/utsname.h>, so we assume we have "uname()".
	 */
	if (uname(&name) < 0) {
		g_string_append_printf(str, "unknown OS version (uname failed - %s)",
		    g_strerror(errno));
		return;
	}

	if (strcmp(name.sysname, "AIX") == 0) {
		/*
		 * Yay, IBM!  Thanks for doing something different
		 * from most of the other UNIXes out there, and
		 * making "name.version" apparently be the major
		 * version number and "name.release" be the minor
		 * version number.
		 */
		g_string_append_printf(str, "%s %s.%s", name.sysname, name.version,
		    name.release);
	} else {
		/*
		 * XXX - get "version" on any other platforms?
		 *
		 * On Digital/Tru64 UNIX, it's something unknown.
		 * On Solaris, it's some kind of build information.
		 * On HP-UX, it appears to be some sort of subrevision
		 * thing.
		 * On *BSD and Darwin/OS X, it's a long string giving
		 * a build date, config file name, etc., etc., etc..
		 */
#ifdef HAVE_OS_X_FRAMEWORKS
		/*
		 * On Mac OS X, report the Mac OS X version number as
		 * the OS version if we can, and put the Darwin information
		 * in parentheses.
		 */
		if (get_os_x_version_info(str)) {
			/* Success - append the Darwin information. */
			g_string_append_printf(str, " (%s %s)", name.sysname, name.release);
		} else {
			/* Failure - just use the Darwin information. */
			g_string_append_printf(str, "%s %s", name.sysname, name.release);
		}
#else /* HAVE_OS_X_FRAMEWORKS */
		/*
		 * XXX - on Linux, are there any APIs to get the distribution
		 * name and version number?  I think some distributions have
		 * that.
		 *
		 * At least on Linux Standard Base-compliant distributions,
		 * there's an "lsb_release" command.  However:
		 *
		 *	http://forums.fedoraforum.org/showthread.php?t=220885
		 *
		 * seems to suggest that if you don't have the redhat-lsb
		 * package installed, you don't have lsb_release, and that
		 * /etc/fedora-release has the release information on
		 * Fedora.
		 *
		 *	http://linux.die.net/man/1/lsb_release
		 *
		 * suggests that there's an /etc/distrib-release file, but
		 * it doesn't indicate whether "distrib" is literally
		 * "distrib" or is the name for the distribution, and
		 * also speaks of an /etc/debian_version file.
		 *
		 * "lsb_release" apparently parses /etc/lsb-release, which
		 * has shell-style assignments, assigning to, among other
		 * values, DISTRIB_ID (distributor/distribution name),
		 * DISTRIB_RELEASE (release number of the distribution),
		 * DISTRIB_DESCRIPTION (*might* be name followed by version,
		 * but the manpage for lsb_release seems to indicate that's
		 * not guaranteed), and DISTRIB_CODENAME (code name, e.g.
		 * "licentious" for the Ubuntu Licentious Lemur release).
		 * the lsb_release man page also speaks of the distrib-release
		 * file, but Debian doesn't have one, and Ubuntu 7's
		 * lsb_release command doesn't look for one.
		 *
		 * I've seen references to /etc/redhat-release as well.
		 *
		 * At least on my Ubuntu 7 system, /etc/debian_version
		 * doesn't contain anything interesting (just some Debian
		 * codenames).
		 *
		 * See also
		 *
		 *	http://bugs.python.org/issue1322
		 *
		 *	http://www.novell.com/coolsolutions/feature/11251.html
		 *
		 *	http://linuxmafia.com/faq/Admin/release-files.html
		 *
		 * and the Lib/Platform.py file in recent Python 2.x
		 * releases.
		 */
		g_string_append_printf(str, "%s %s", name.sysname, name.release);
#endif /* HAVE_OS_X_FRAMEWORKS */
	}
#else
	/* Neither Windows nor uname() is available in this build. */
	g_string_append(str, "an unknown OS");
#endif
}
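/**
 * Open a pipe for raw input.  This is a stripped-down version of
 * pcap_loop.c:cap_pipe_open_live().
 * We check if "pipe_name" is "-" (stdin) or a FIFO, and open it.
 *
 * On Windows the name must start with two backslashes, followed by a
 * server name and a "pipe" path component; anything else is rejected
 * before any attempt is made to open it.
 *
 * @param pipe_name The name of the pipe or FIFO.
 * @return A POSIX file descriptor on success, or -1 on failure.
 */
static int
raw_pipe_open(const char *pipe_name)
{
#ifndef _WIN32
    struct stat pipe_stat;
#else
    const char *pos;
    gboolean is_pipe_name = FALSE;
    DWORD err;
    wchar_t *err_str;
    HANDLE hPipe = NULL;
#endif
    int rfd;

    g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "open_raw_pipe: %s", pipe_name);

    /*
     * XXX Rawshark blocks until we return
     */
    if (strcmp(pipe_name, "-") == 0) {
        rfd = 0; /* read from stdin */
#ifdef _WIN32
        /*
         * This is needed to set the stdin pipe into binary mode, otherwise
         * CR/LF are mangled...
         */
        _setmode(0, _O_BINARY);
#endif  /* _WIN32 */
    } else {
#ifndef _WIN32
        /*
         * NOTE(review): the path is checked with ws_stat() and then opened
         * by name, so the object could be replaced between the two calls.
         * Re-checking the opened descriptor with fstat() would close that
         * gap; left as is here to keep the existing error reporting.
         */
        if (ws_stat(pipe_name, &pipe_stat) < 0) {
            fprintf(stderr, "rawshark: The pipe %s could not be checked: %s\n",
                    pipe_name, strerror(errno));
            return -1;
        }
        if (! S_ISFIFO(pipe_stat.st_mode)) {
            if (S_ISCHR(pipe_stat.st_mode)) {
                /*
                 * Assume the user specified an interface on a system where
                 * interfaces are in /dev.  Pretend we haven't seen it.
                 */
            } else
            {
                fprintf(stderr, "rawshark: \"%s\" is neither an interface nor a pipe\n",
                        pipe_name);
            }
            return -1;
        }
        rfd = ws_open(pipe_name, O_RDONLY | O_NONBLOCK, 0000 /* no creation so don't matter */);
        if (rfd == -1) {
            fprintf(stderr, "rawshark: \"%s\" could not be opened: %s\n",
                    pipe_name, strerror(errno));
            return -1;
        }
#else /* _WIN32 */
#define PIPE_STR "\\pipe\\"
        /* Under Windows, named pipes _must_ have the form
         * "\\<server>\pipe\<pipe_name>".  <server> may be "." for localhost.
         */
        /*
         * The name is only inspected, never modified, so no copy is needed.
         * Requiring a character after the two leading backslashes keeps the
         * search that starts at offset 3 inside the string, and the result
         * is held in a flag that is always initialized, so a name that does
         * not start with two backslashes is rejected deterministically.
         */
        if (strncmp(pipe_name, "\\\\", 2) == 0 && pipe_name[2] != '\0') {
            pos = strchr(pipe_name + 3, '\\');
            if (pos && g_ascii_strncasecmp(pos, PIPE_STR, strlen(PIPE_STR)) == 0)
                is_pipe_name = TRUE;
        }

        if (!is_pipe_name) {
            fprintf(stderr, "rawshark: \"%s\" is neither an interface nor a pipe\n",
                    pipe_name);
            return -1;
        }

        /* Wait for the pipe to appear */
        /* NOTE(review): the return value of FormatMessage() is not checked
         * below, so err_str is used on the assumption that it succeeded. */
        while (1) {
            hPipe = CreateFile(utf_8to16(pipe_name), GENERIC_READ, 0, NULL,
                               OPEN_EXISTING, 0, NULL);

            if (hPipe != INVALID_HANDLE_VALUE)
                break;

            err = GetLastError();
            if (err != ERROR_PIPE_BUSY) {
                FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER,
                              NULL, err, 0, (LPTSTR) &err_str, 0, NULL);
                /* err is a DWORD, so it is printed as an unsigned long. */
                fprintf(stderr, "rawshark: \"%s\" could not be opened: %s (error %lu)\n",
                        pipe_name, utf_16to8(err_str), (unsigned long) err);
                LocalFree(err_str);
                return -1;
            }

            if (!WaitNamedPipe(utf_8to16(pipe_name), 30 * 1000)) {
                err = GetLastError();
                FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER,
                              NULL, err, 0, (LPTSTR) &err_str, 0, NULL);
                fprintf(stderr, "rawshark: \"%s\" could not be waited for: %s (error %lu)\n",
                        pipe_name, utf_16to8(err_str), (unsigned long) err);
                LocalFree(err_str);
                return -1;
            }
        }

        /* A HANDLE is pointer-sized; casting through long would truncate it
         * where long is narrower than a pointer. */
        rfd = _open_osfhandle((intptr_t) hPipe, _O_RDONLY);
        if (rfd == -1) {
            fprintf(stderr, "rawshark: \"%s\" could not be opened: %s\n",
                    pipe_name, strerror(errno));
            /* The handle was not wrapped in a descriptor; release it. */
            CloseHandle(hPipe);
            return -1;
        }
#endif /* _WIN32 */
    }

    return rfd;
}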