static void
exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data)
{
char *tmpname, *capfile_name;
int err;
/* pcapng defs */
wtap_optionblock_t shb_hdr;
wtapng_iface_descriptions_t *idb_inf;
wtap_optionblock_t int_data;
wtapng_if_descr_mandatory_t *int_data_mand;
GString *os_info_str;
gchar *opt_comment, *wireshark_ver;
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_hdr = wtap_optionblock_create(WTAP_OPTION_BLOCK_NG_SECTION);
/* options */
opt_comment = g_strdup_printf("Dump of PDUs from %s", cfile.filename);
wtap_optionblock_set_option_string(shb_hdr, OPT_COMMENT, opt_comment);
g_free(opt_comment);
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_OS, g_string_free(os_info_str, TRUE));
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
wireshark_ver = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
wtap_optionblock_set_option_string(shb_hdr, OPT_SHB_USERAPPL, wireshark_ver);
g_free(wireshark_ver);
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t,1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtap_optionblock_t));
/* create the fake interface data */
int_data = wtap_optionblock_create(WTAP_OPTION_BLOCK_IF_DESCR);
int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_optionblock_get_mandatory_data(int_data);
int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
int_data_mand->link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE;
wtap_optionblock_set_option_string(int_data, OPT_IDB_NAME, "Fake IF, PDU->Export");
wtap_optionblock_set_option_uint8(int_data, OPT_IDB_TSRESOL, 9);
g_array_append_val(idb_inf->interface_data, int_data);
/* Use a random name for the temporary import buffer */
exp_pdu_tap_data->wdh = wtap_dump_open_tempfile_ng(&tmpname, "Wireshark_PDU_",
WTAP_FILE_TYPE_SUBTYPE_PCAPNG,
WTAP_ENCAP_WIRESHARK_UPPER_PDU, WTAP_MAX_PACKET_SIZE,
FALSE, shb_hdr, idb_inf, NULL, &err);
capfile_name = g_strdup(tmpname);
if (exp_pdu_tap_data->wdh == NULL) {
open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE);
goto end;
}
/* Run the tap */
cf_retap_packets(&cfile);
if (!wtap_dump_close(exp_pdu_tap_data->wdh, &err)) {
write_failure_alert_box(capfile_name, err);
}
remove_tap_listener(exp_pdu_tap_data);
/* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */
if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) {
open_failure_alert_box(capfile_name, err, FALSE);
goto end;
}
switch (cf_read(&cfile, FALSE)) {
case CF_READ_OK:
case CF_READ_ERROR:
/* Just because we got an error, that doesn't mean we were unable
to read any of the file; we handle what we could get from the
file. */
break;
case CF_READ_ABORTED:
/* The user bailed out of re-reading the capture file; the
capture file has been closed - just free the capture file name
string and return (without changing the last containing
directory). */
break;
}
end:
g_free(capfile_name);
wtap_optionblock_free(shb_hdr);
wtap_free_idb_info(idb_inf);
}
/*
* Merges the files to an output file whose name is supplied as an argument,
* based on given input, and invokes callback during execution. Returns
* MERGE_OK on success, or a MERGE_ERR_XXX on failure.
*/
merge_result
merge_files(const gchar* out_filename, const int file_type,
const char *const *in_filenames, const guint in_file_count,
const gboolean do_append, const idb_merge_mode mode,
guint snaplen, const gchar *app_name, merge_progress_callback_t* cb,
int *err, gchar **err_info, guint *err_fileno,
guint32 *err_framenum)
{
merge_in_file_t *in_files = NULL;
int frame_type = WTAP_ENCAP_PER_PACKET;
merge_result status = MERGE_OK;
wtap_dumper *pdh;
GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
g_assert(out_filename != NULL);
g_assert(in_file_count > 0);
g_assert(in_filenames != NULL);
g_assert(err != NULL);
g_assert(err_info != NULL);
g_assert(err_fileno != NULL);
g_assert(err_framenum != NULL);
/* if a callback was given, it has to have a callback function ptr */
g_assert((cb != NULL) ? (cb->callback_func != NULL) : TRUE);
merge_debug("merge_files: begin");
/* open the input files */
if (!merge_open_in_files(in_file_count, in_filenames, &in_files, cb,
err, err_info, err_fileno)) {
merge_debug("merge_files: merge_open_in_files() failed with err=%d", *err);
*err_framenum = 0;
return MERGE_ERR_CANT_OPEN_INFILE;
}
if (snaplen == 0) {
/* Snapshot length not specified - default to the maximum. */
snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
}
/*
* This doesn't tell us that much. It tells us what to set the outfile's
* encap type to, but that's all - for example, it does *not* tells us
* whether the input files had the same number of IDBs, for the same exact
* interfaces, and only one IDB each, so it doesn't actually tell us
* whether we can merge IDBs into one or not.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
merge_debug("merge_files: got frame_type=%d", frame_type);
if (cb)
cb->callback_func(MERGE_EVENT_FRAME_TYPE_SELECTED, frame_type, in_files, in_file_count, cb->data);
/* prepare the outfile */
if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) {
shb_hdrs = create_shb_header(in_files, in_file_count, app_name);
merge_debug("merge_files: SHB created");
idb_inf = generate_merged_idb(in_files, in_file_count, mode);
merge_debug("merge_files: IDB merge operation complete, got %u IDBs", idb_inf ? idb_inf->interface_data->len : 0);
pdh = wtap_dump_open_ng(out_filename, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdrs, idb_inf,
NULL, err);
}
else {
pdh = wtap_dump_open(out_filename, file_type, frame_type, snaplen,
FALSE /* compressed */, err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
*err_framenum = 0;
return MERGE_ERR_CANT_OPEN_OUTFILE;
}
if (cb)
cb->callback_func(MERGE_EVENT_READY_TO_MERGE, 0, in_files, in_file_count, cb->data);
status = merge_process_packets(pdh, file_type, in_files, in_file_count,
do_append, snaplen, cb, err, err_info,
err_fileno, err_framenum);
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
return status;
}
/*
* Merges the files based on given input, and invokes callback during
* execution. Returns MERGE_OK on success, or a MERGE_ERR_XXX on failure; note
* that the passed-in 'err' variable will be more specific to what failed, and
* err_info will have pretty output.
*/
merge_result
merge_files(int out_fd, const gchar* out_filename, const int file_type,
const char *const *in_filenames, const guint in_file_count,
const gboolean do_append, const idb_merge_mode mode,
guint snaplen, const gchar *app_name, merge_progress_callback_t* cb,
int *err, gchar **err_info, guint *err_fileno)
{
merge_in_file_t *in_files = NULL, *in_file = NULL;
int frame_type = WTAP_ENCAP_PER_PACKET;
merge_result status = MERGE_OK;
wtap_dumper *pdh;
struct wtap_pkthdr *phdr, snap_phdr;
int count = 0;
gboolean stop_flag = FALSE;
GArray *shb_hdrs = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
g_assert(out_fd > 0);
g_assert(in_file_count > 0);
g_assert(in_filenames != NULL);
g_assert(err != NULL);
g_assert(err_info != NULL);
g_assert(err_fileno != NULL);
/* if a callback was given, it has to have a callback function ptr */
g_assert((cb != NULL) ? (cb->callback_func != NULL) : TRUE);
merge_debug("merge_files: begin");
/* open the input files */
if (!merge_open_in_files(in_file_count, in_filenames, &in_files,
err, err_info, err_fileno)) {
merge_debug("merge_files: merge_open_in_files() failed with err=%d", *err);
return MERGE_ERR_CANT_OPEN_INFILE;
}
if (cb)
cb->callback_func(MERGE_EVENT_INPUT_FILES_OPENED, 0, in_files, in_file_count, cb->data);
if (snaplen == 0) {
/* Snapshot length not specified - default to the maximum. */
snaplen = WTAP_MAX_PACKET_SIZE;
}
/*
* This doesn't tell us that much. It tells us what to set the outfile's
* encap type to, but that's all - for example, it does *not* tells us
* whether the input files had the same number of IDBs, for the same exact
* interfaces, and only one IDB each, so it doesn't actually tell us
* whether we can merge IDBs into one or not.
*/
frame_type = merge_select_frame_type(in_file_count, in_files);
merge_debug("merge_files: got frame_type=%d", frame_type);
if (cb)
cb->callback_func(MERGE_EVENT_FRAME_TYPE_SELECTED, frame_type, in_files, in_file_count, cb->data);
/* prepare the outfile */
if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) {
shb_hdrs = create_shb_header(in_files, in_file_count, app_name);
merge_debug("merge_files: SHB created");
idb_inf = generate_merged_idb(in_files, in_file_count, mode);
merge_debug("merge_files: IDB merge operation complete, got %u IDBs", idb_inf ? idb_inf->interface_data->len : 0);
pdh = wtap_dump_fdopen_ng(out_fd, file_type, frame_type, snaplen,
FALSE /* compressed */, shb_hdrs, idb_inf,
NULL, err);
}
else {
pdh = wtap_dump_fdopen(out_fd, file_type, frame_type, snaplen, FALSE /* compressed */, err);
}
if (pdh == NULL) {
merge_close_in_files(in_file_count, in_files);
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
return MERGE_ERR_CANT_OPEN_OUTFILE;
}
if (cb)
cb->callback_func(MERGE_EVENT_READY_TO_MERGE, 0, in_files, in_file_count, cb->data);
for (;;) {
*err = 0;
if (do_append) {
in_file = merge_append_read_packet(in_file_count, in_files, err,
err_info);
}
else {
in_file = merge_read_packet(in_file_count, in_files, err,
err_info);
}
if (in_file == NULL) {
/* EOF */
break;
}
if (*err != 0) {
/* I/O error reading from in_file */
status = MERGE_ERR_CANT_READ_INFILE;
break;
}
count++;
if (cb)
stop_flag = cb->callback_func(MERGE_EVENT_PACKET_WAS_READ, count, in_files, in_file_count, cb->data);
if (stop_flag) {
/* The user decided to abort the merge. */
status = MERGE_USER_ABORTED;
break;
}
phdr = wtap_phdr(in_file->wth);
if (snaplen != 0 && phdr->caplen > snaplen) {
/*
* The dumper will only write up to caplen bytes out, so we only
* need to change that value, instead of cloning the whole packet
* with fewer bytes.
*
* XXX: but do we need to change the IDBs' snap_len?
*/
snap_phdr = *phdr;
snap_phdr.caplen = snaplen;
phdr = &snap_phdr;
}
if (file_type == WTAP_FILE_TYPE_SUBTYPE_PCAPNG) {
/*
* XXX - We should do this only for record types
* that pertain to a particular interface; for
* now, we hardcode that, but we need to figure
* out a more general way to handle this.
*/
if (phdr->rec_type == REC_TYPE_PACKET) {
if (!map_phdr_interface_id(phdr, in_file)) {
status = MERGE_ERR_BAD_PHDR_INTERFACE_ID;
break;
}
}
}
if (!wtap_dump(pdh, phdr, wtap_buf_ptr(in_file->wth), err, err_info)) {
status = MERGE_ERR_CANT_WRITE_OUTFILE;
break;
}
}
if (cb)
cb->callback_func(MERGE_EVENT_DONE, count, in_files, in_file_count, cb->data);
merge_close_in_files(in_file_count, in_files);
if (status == MERGE_OK || status == MERGE_USER_ABORTED) {
if (!wtap_dump_close(pdh, err))
status = MERGE_ERR_CANT_CLOSE_OUTFILE;
} else {
/*
* We already got some error; no need to report another error on
* close.
*
* Don't overwrite the earlier error.
*/
int close_err = 0;
(void)wtap_dump_close(pdh, &close_err);
}
if (status != MERGE_OK) {
GString *err_message = NULL;
gchar *display_basename = NULL;
switch(status) {
case MERGE_ERR_CANT_READ_INFILE:
*err_info = get_read_error_string(in_files, in_file_count, err, err_info);
break;
case MERGE_ERR_CANT_WRITE_OUTFILE: /* fall through */
case MERGE_ERR_CANT_CLOSE_OUTFILE:
*err_info = get_write_error_string(in_file, file_type, out_filename, err, err_info);
break;
case MERGE_ERR_BAD_PHDR_INTERFACE_ID:
display_basename = g_filename_display_basename(in_file ? in_file->filename : "UNKNOWN");
if (*err_info != NULL)
g_free(*err_info);
err_message = g_string_new("");
g_string_printf(err_message,
"Record %u of \"%s\" has an interface ID which does not match any IDB in its file.",
in_file ? in_file->packet_num : 0, display_basename);
g_free(display_basename);
*err_info = g_string_free(err_message, FALSE);
break;
case MERGE_USER_ABORTED: /* not really an error */
default:
break;
}
}
g_free(in_files);
wtap_block_array_free(shb_hdrs);
wtap_free_idb_info(idb_inf);
return status;
}
/*
* Opens an .xml file with Trace data formated according to 3GPP TS 32.423 and converts it to
* an "Exported PDU type file with the entire xml file as the first "packet" appending the
* raw messages as subsequent packages to be dissected by wireshark.
*/
static wtap_open_return_val
create_temp_pcapng_file(wtap *wth, int *err, gchar **err_info, nettrace_3gpp_32_423_file_info_t *file_info)
{
int import_file_fd;
wtap_dumper* wdh_exp_pdu;
int exp_pdu_file_err;
wtap_open_return_val result = WTAP_OPEN_MINE;
/* pcapng defs */
wtapng_section_t *shb_hdr = NULL;
wtapng_iface_descriptions_t *idb_inf = NULL;
wtapng_if_descr_t int_data;
GString *os_info_str;
gint64 file_size;
int packet_size;
guint8 *packet_buf = NULL;
int wrt_err;
gchar *wrt_err_info = NULL;
struct wtap_pkthdr phdr;
gboolean do_random = FALSE;
char *curr_pos, *next_pos;
import_file_fd = create_tempfile(&(file_info->tmpname), "Wireshark_PDU_");
/* Now open a file and dump to it */
/* Create data for SHB */
os_info_str = g_string_new("");
get_os_version_info(os_info_str);
shb_hdr = g_new(wtapng_section_t, 1);
shb_hdr->section_length = -1;
/* options */
shb_hdr->opt_comment = g_strdup_printf("File converted to Exported PDU format during opening");
/*
* UTF-8 string containing the description of the hardware used to create
* this section.
*/
shb_hdr->shb_hardware = NULL;
/*
* UTF-8 string containing the name of the operating system used to create
* this section.
*/
shb_hdr->shb_os = g_string_free(os_info_str, FALSE);
/*
* UTF-8 string containing the name of the application used to create
* this section.
*/
shb_hdr->shb_user_appl = g_strdup_printf("Wireshark %s", get_ws_vcs_version_info());
/* Create fake IDB info */
idb_inf = g_new(wtapng_iface_descriptions_t, 1);
idb_inf->interface_data = g_array_new(FALSE, FALSE, sizeof(wtapng_if_descr_t));
/* create the fake interface data */
int_data.wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
int_data.time_units_per_second = 1000000; /* default microsecond resolution */
int_data.link_type = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
int_data.snap_len = WTAP_MAX_PACKET_SIZE;
int_data.if_name = g_strdup("Fake IF");
int_data.opt_comment = NULL;
int_data.if_description = NULL;
int_data.if_speed = 0;
int_data.if_tsresol = 6;
int_data.if_filter_str = NULL;
int_data.bpf_filter_len = 0;
int_data.if_filter_bpf_bytes = NULL;
int_data.if_os = NULL;
int_data.if_fcslen = -1;
int_data.num_stat_entries = 0; /* Number of ISB:s */
int_data.interface_statistics = NULL;
g_array_append_val(idb_inf->interface_data, int_data);
wdh_exp_pdu = wtap_dump_fdopen_ng(import_file_fd, WTAP_FILE_TYPE_SUBTYPE_PCAPNG, WTAP_ENCAP_WIRESHARK_UPPER_PDU,
WTAP_MAX_PACKET_SIZE, FALSE, shb_hdr, idb_inf, NULL, &exp_pdu_file_err);
if (wdh_exp_pdu == NULL) {
result = WTAP_OPEN_ERROR;
goto end;
}
/* OK we've opend a new pcap-ng file and written the headers, time to do the packets, strt by finding the file size */
if ((file_size = wtap_file_size(wth, err)) == -1) {
result = WTAP_OPEN_ERROR;
goto end;
}
if (file_size > MAX_FILE_SIZE) {
/*
* Don't blow up trying to allocate space for an
* immensely-large file.
*/
*err = WTAP_ERR_BAD_FILE;
*err_info = g_strdup_printf("mime_file: File has %" G_GINT64_MODIFIER "d-byte packet, bigger than maximum of %u",
file_size, MAX_FILE_SIZE);
result = WTAP_OPEN_ERROR;
goto end;
}
packet_size = (int)file_size;
/* Allocate the packet buffer
* (the whole file + Exported PDU tag "protocol" and
* the string "xml" + 1 filler to end on 4 byte boundary for the tag
* + End of options 4 bytes
*/
/* XXX add the length of exported bdu tag(s) here */
packet_buf = (guint8 *)g_malloc(packet_size + 12);
packet_buf[0] = 0;
packet_buf[1] = 12; /* EXP_PDU_TAG_PROTO_NAME */
packet_buf[2] = 0;
packet_buf[3] = 4;
packet_buf[4] = 0x78; /* "x" */
packet_buf[5] = 0x6d; /* "m" */
packet_buf[6] = 0x6c; /* "l" */
packet_buf[7] = 0;
/* End of options */
packet_buf[8] = 0;
packet_buf[9] = 0;
packet_buf[10] = 0;
packet_buf[11] = 0;
if (!wtap_read_bytes(wth->fh, packet_buf + 12, packet_size, &wrt_err, &wrt_err_info)){
result = WTAP_OPEN_ERROR;
goto end;
}
/* Create the packet header */
memset(&phdr, 0, sizeof(struct wtap_pkthdr));
phdr.rec_type = REC_TYPE_PACKET;
phdr.presence_flags = 0; /* yes, we have no bananas^Wtime stamp */
phdr.caplen = packet_size + 12;
phdr.len = packet_size + 12;
phdr.ts.secs = 0;
phdr.ts.nsecs = 0;
/* XXX: report errors! */
if (!wtap_dump(wdh_exp_pdu, &phdr, packet_buf, &wrt_err, &wrt_err_info)) {
switch (wrt_err) {
case WTAP_ERR_UNWRITABLE_REC_DATA:
g_free(wrt_err_info);
wrt_err_info = NULL;
break;
default:
break;
}
result = WTAP_OPEN_ERROR;
goto end;
}
/* Advance *packet_buf to point at the raw file data */
curr_pos = packet_buf + 12;
/* Lets add the raw messages as packets after the main "packet" with the whole file */
while ((curr_pos = strstr(curr_pos, "<msg")) != NULL){
wtap_open_return_val temp_val;
curr_pos = curr_pos + 4;
next_pos = strstr(curr_pos, "</msg>");
if (!next_pos){
/* Somethings wrong, bail out */
break;
}
next_pos = next_pos + 6;
/* Do we have a raw msg?) */
curr_pos = strstr(curr_pos, "<rawMsg");
if (!curr_pos){
/* No rawMsg, continue */
curr_pos = next_pos;
continue;
}
curr_pos = curr_pos + 7;
/* Add the raw msg*/
temp_val = write_packet_data(wdh_exp_pdu, &phdr, &wrt_err, &wrt_err_info, curr_pos);
if (temp_val != WTAP_OPEN_MINE){
result = temp_val;
goto end;
}
curr_pos = next_pos;
}
/* Close the written file*/
if (!wtap_dump_close(wdh_exp_pdu, err)){
result = WTAP_OPEN_ERROR;
goto end;
}
/* Now open the file for reading */
/* Find out if random read was requested */
if (wth->random_fh){
do_random = TRUE;
}
file_info->wth_tmp_file =
wtap_open_offline(file_info->tmpname, WTAP_TYPE_AUTO, err, err_info, do_random);
if (!file_info->wth_tmp_file){
result = WTAP_OPEN_ERROR;
goto end;
}
end:
g_free(wrt_err_info);
g_free(packet_buf);
wtap_free_shb(shb_hdr);
wtap_free_idb_info(idb_inf);
return result;
}