From 147b3d5149ec6cfce1489f9922cc5e4ac0ca2209 Mon Sep 17 00:00:00 2001 From: Michael Mann Date: Sun, 19 Jun 2016 02:33:13 -0400 Subject: Ability to invoke "Decode As..." as command-line argument for GUIshark. TShark has had the functionality for awhile. While the GUI version still has ways to change and persist Decode As functionality, adding command line functionality gives the Decode As from initial launch of the GUI. Was also an excuse to refactor a bunch of code out of tshark.c Bug: 5143 Change-Id: Ie67007d75e897bc06cc9afd9b84372a96b93778c Reviewed-on: https://code.wireshark.org/review/16008 Reviewed-by: Michael Mann --- docbook/release-notes.asciidoc | 3 +- docbook/wsug_src/WSUG_chapter_customize.asciidoc | 3 + tfshark.c | 418 +--------------------- tshark.c | 420 +---------------------- ui/commandline.c | 12 +- ui/decode_as_utils.c | 410 ++++++++++++++++++++++ ui/decode_as_utils.h | 8 + 7 files changed, 438 insertions(+), 836 deletions(-) diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc index c9b37d2671..313f921b53 100644 --- a/docbook/release-notes.asciidoc +++ b/docbook/release-notes.asciidoc @@ -26,7 +26,8 @@ used for troubleshooting, analysis, development and education. The following features are new (or have been significantly updated) since version 2.1.0: -* +* Added -d option for Decode As support in Wireshark (mimics TShark + functionality) The following features are new (or have been significantly updated) since version 2.0.0: diff --git a/docbook/wsug_src/WSUG_chapter_customize.asciidoc b/docbook/wsug_src/WSUG_chapter_customize.asciidoc index 9e0dd1a89f..abcbf17948 100644 --- a/docbook/wsug_src/WSUG_chapter_customize.asciidoc +++ b/docbook/wsug_src/WSUG_chapter_customize.asciidoc @@ -77,6 +77,9 @@ Processing: -R packet filter in Wireshark display filter syntax -n disable all name resolutions (def: all enabled) -N enable specific name resolution(s): "mnNtCd" + -d ==, ... + "Decode As", see the man page for details + Example: tcp.port==8888,http --disable-protocol disable dissection of proto_name --enable-heuristic diff --git a/tfshark.c b/tfshark.c index ae267614e6..7b8febc1ac 100644 --- a/tfshark.c +++ b/tfshark.c @@ -68,6 +68,7 @@ #include #include #include "ui/util.h" +#include "ui/decode_as_utils.h" #include "register.h" #include #include @@ -93,12 +94,6 @@ #include #endif -/* - * This is the template for the decode as option; it is shared between the - * various functions that output the usage for this parameter. - */ -static const gchar decode_as_arg_template[] = "==,"; - static guint32 cum_bytes; static const frame_data *ref; static frame_data ref_frame; @@ -198,7 +193,7 @@ print_usage(FILE *output) fprintf(output, " -R packet Read filter in Wireshark display filter syntax\n"); fprintf(output, " -Y packet displaY filter in Wireshark display filter\n"); fprintf(output, " syntax\n"); - fprintf(output, " -d %s ...\n", decode_as_arg_template); + fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE); fprintf(output, " \"Decode As\", see the man page for details\n"); fprintf(output, " Example: tcp.port==8888,http\n"); @@ -270,413 +265,6 @@ glossary_option_help(void) fprintf(output, "\n"); } -/* - * For a dissector table, print on the stream described by output, - * its short name (which is what's used in the "-d" option) and its - * descriptive name. - */ -static void -display_dissector_table_names(const char *table_name, const char *ui_name, - gpointer output) -{ - if ((prev_display_dissector_name == NULL) || - (strcmp(prev_display_dissector_name, table_name) != 0)) { - fprintf((FILE *)output, "\t%s (%s)\n", table_name, ui_name); - prev_display_dissector_name = table_name; - } -} - -/* - * For a dissector handle, print on the stream described by output, - * the filter name (which is what's used in the "-d" option) and the full - * name for the protocol that corresponds to this handle. - */ -static void -display_dissector_names(const gchar *table _U_, gpointer handle, gpointer output) -{ - int proto_id; - const gchar *proto_filter_name; - const gchar *proto_ui_name; - - proto_id = dissector_handle_get_protocol_index((dissector_handle_t)handle); - - if (proto_id != -1) { - proto_filter_name = proto_get_protocol_filter_name(proto_id); - proto_ui_name = proto_get_protocol_name(proto_id); - g_assert(proto_filter_name != NULL); - g_assert(proto_ui_name != NULL); - - if ((prev_display_dissector_name == NULL) || - (strcmp(prev_display_dissector_name, proto_filter_name) != 0)) { - fprintf((FILE *)output, "\t%s (%s)\n", - proto_filter_name, - proto_ui_name); - prev_display_dissector_name = proto_filter_name; - } - } -} - -/* - * The protocol_name_search structure is used by find_protocol_name_func() - * to pass parameters and store results - */ -struct protocol_name_search{ - gchar *searched_name; /* Protocol filter name we are looking for */ - dissector_handle_t matched_handle; /* Handle for a dissector whose protocol has the specified filter name */ - guint nb_match; /* How many dissectors matched searched_name */ -}; -typedef struct protocol_name_search *protocol_name_search_t; - -/* - * This function parses all dissectors associated with a table to find the - * one whose protocol has the specified filter name. It is called - * as a reference function in a call to dissector_table_foreach_handle. - * The name we are looking for, as well as the results, are stored in the - * protocol_name_search struct pointed to by user_data. - * If called using dissector_table_foreach_handle, we actually parse the - * whole list of dissectors. - */ -static void -find_protocol_name_func(const gchar *table _U_, gpointer handle, gpointer user_data) - -{ - int proto_id; - const gchar *protocol_filter_name; - protocol_name_search_t search_info; - - g_assert(handle); - - search_info = (protocol_name_search_t)user_data; - - proto_id = dissector_handle_get_protocol_index((dissector_handle_t)handle); - if (proto_id != -1) { - protocol_filter_name = proto_get_protocol_filter_name(proto_id); - g_assert(protocol_filter_name != NULL); - if (strcmp(protocol_filter_name, search_info->searched_name) == 0) { - /* Found a match */ - if (search_info->nb_match == 0) { - /* Record this handle only if this is the first match */ - search_info->matched_handle = (dissector_handle_t)handle; /* Record the handle for this matching dissector */ - } - search_info->nb_match++; - } - } -} - -/* - * Allow dissector key names to be sorted alphabetically - */ - -static gint -compare_dissector_key_name(gconstpointer dissector_a, gconstpointer dissector_b) -{ - return strcmp((const char*)dissector_a, (const char*)dissector_b); -} - -/* - * Print all layer type names supported. - * We send the output to the stream described by the handle output. - */ - -static void -fprint_all_layer_types(FILE *output) - -{ - prev_display_dissector_name = NULL; - dissector_all_tables_foreach_table(display_dissector_table_names, (gpointer)output, (GCompareFunc)compare_dissector_key_name); -} - -/* - * Print all protocol names supported for a specific layer type. - * table_name contains the layer type name in which the search is performed. - * We send the output to the stream described by the handle output. - */ - -static void -fprint_all_protocols_for_layer_types(FILE *output, gchar *table_name) - -{ - prev_display_dissector_name = NULL; - dissector_table_foreach_handle(table_name, - display_dissector_names, - (gpointer)output); -} - -/* - * The function below parses the command-line parameters for the decode as - * feature (a string pointer by cl_param). - * It checks the format of the command-line, searches for a matching table - * and dissector. If a table/dissector match is not found, we display a - * summary of the available tables/dissectors (on stderr) and return FALSE. - * If everything is fine, we get the "Decode as" preference activated, - * then we return TRUE. - */ -static gboolean -add_decode_as(const gchar *cl_param) -{ - gchar *table_name; - guint32 selector, selector2; - gchar *decoded_param; - gchar *remaining_param; - gchar *selector_str; - gchar *dissector_str; - dissector_handle_t dissector_matching; - dissector_table_t table_matching; - ftenum_t dissector_table_selector_type; - struct protocol_name_search user_protocol_name; - guint64 i; - char op; - - /* The following code will allocate and copy the command-line options in a string pointed by decoded_param */ - - g_assert(cl_param); - decoded_param = g_strdup(cl_param); - g_assert(decoded_param); - - - /* The lines below will parse this string (modifying it) to extract all - necessary information. Note that decoded_param is still needed since - strings are not copied - we just save pointers. */ - - /* This section extracts a layer type (table_name) from decoded_param */ - table_name = decoded_param; /* Layer type string starts from beginning */ - - remaining_param = strchr(table_name, '='); - if (remaining_param == NULL) { - cmdarg_err("Parameter \"%s\" doesn't follow the template \"%s\"", cl_param, decode_as_arg_template); - /* If the argument does not follow the template, carry on anyway to check - if the table name is at least correct. If remaining_param is NULL, - we'll exit anyway further down */ - } - else { - *remaining_param = '\0'; /* Terminate the layer type string (table_name) where '=' was detected */ - } - - /* Remove leading and trailing spaces from the table name */ - while ( table_name[0] == ' ' ) - table_name++; - while ( table_name[strlen(table_name) - 1] == ' ' ) - table_name[strlen(table_name) - 1] = '\0'; /* Note: if empty string, while loop will eventually exit */ - -/* The following part searches a table matching with the layer type specified */ - table_matching = NULL; - -/* Look for the requested table */ - if ( !(*(table_name)) ) { /* Is the table name empty, if so, don't even search for anything, display a message */ - cmdarg_err("No layer type specified"); /* Note, we don't exit here, but table_matching will remain NULL, so we exit below */ - } - else { - table_matching = find_dissector_table(table_name); - if (!table_matching) { - cmdarg_err("Unknown layer type -- %s", table_name); /* Note, we don't exit here, but table_matching will remain NULL, so we exit below */ - } - } - - if (!table_matching) { - /* Display a list of supported layer types to help the user, if the - specified layer type was not found */ - cmdarg_err("Valid layer types are:"); - fprint_all_layer_types(stderr); - } - if (remaining_param == NULL || !table_matching) { - /* Exit if the layer type was not found, or if no '=' separator was found - (see above) */ - g_free(decoded_param); - return FALSE; - } - - if (*(remaining_param + 1) != '=') { /* Check for "==" and not only '=' */ - cmdarg_err("WARNING: -d requires \"==\" instead of \"=\". Option will be treated as \"%s==%s\"", table_name, remaining_param + 1); - } - else { - remaining_param++; /* Move to the second '=' */ - *remaining_param = '\0'; /* Remove the second '=' */ - } - remaining_param++; /* Position after the layer type string */ - - /* This section extracts a selector value (selector_str) from decoded_param */ - - selector_str = remaining_param; /* Next part starts with the selector number */ - - remaining_param = strchr(selector_str, ','); - if (remaining_param == NULL) { - cmdarg_err("Parameter \"%s\" doesn't follow the template \"%s\"", cl_param, decode_as_arg_template); - /* If the argument does not follow the template, carry on anyway to check - if the selector value is at least correct. If remaining_param is NULL, - we'll exit anyway further down */ - } - else { - *remaining_param = '\0'; /* Terminate the selector number string (selector_str) where ',' was detected */ - } - - dissector_table_selector_type = get_dissector_table_selector_type(table_name); - - switch (dissector_table_selector_type) { - - case FT_UINT8: - case FT_UINT16: - case FT_UINT24: - case FT_UINT32: - /* The selector for this table is an unsigned number. Parse it as such. - There's no need to remove leading and trailing spaces from the - selector number string, because sscanf will do that for us. */ - switch (sscanf(selector_str, "%u%c%u", &selector, &op, &selector2)) { - case 1: - op = '\0'; - break; - case 3: - if (op != ':' && op != '-') { - cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - if (op == ':') { - if ((selector2 == 0) || ((guint64)selector + selector2 - 1) > G_MAXUINT32) { - cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - } - else if (selector2 < selector) { - /* We could swap them for the user, but maybe it's better to call - * this out as an error in case it's not what was intended? */ - cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - break; - default: - cmdarg_err("Invalid selector number \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - break; - - case FT_STRING: - case FT_STRINGZ: - case FT_UINT_STRING: - case FT_STRINGZPAD: - /* The selector for this table is a string. */ - break; - - default: - /* There are currently no dissector tables with any types other - than the ones listed above. */ - g_assert_not_reached(); - } - - if (remaining_param == NULL) { - /* Exit if no ',' separator was found (see above) */ - cmdarg_err("Valid protocols for layer type \"%s\" are:", table_name); - fprint_all_protocols_for_layer_types(stderr, table_name); - g_free(decoded_param); - return FALSE; - } - - remaining_param++; /* Position after the selector number string */ - - /* This section extracts a protocol filter name (dissector_str) from decoded_param */ - - dissector_str = remaining_param; /* All the rest of the string is the dissector (decode as protocol) name */ - - /* Remove leading and trailing spaces from the dissector name */ - while ( dissector_str[0] == ' ' ) - dissector_str++; - while ( dissector_str[strlen(dissector_str) - 1] == ' ' ) - dissector_str[strlen(dissector_str) - 1] = '\0'; /* Note: if empty string, while loop will eventually exit */ - - dissector_matching = NULL; - - /* We now have a pointer to the handle for the requested table inside the variable table_matching */ - if ( ! (*dissector_str) ) { /* Is the dissector name empty, if so, don't even search for a matching dissector and display all dissectors found for the selected table */ - cmdarg_err("No protocol name specified"); /* Note, we don't exit here, but dissector_matching will remain NULL, so we exit below */ - } - else { - user_protocol_name.nb_match = 0; - user_protocol_name.searched_name = dissector_str; - user_protocol_name.matched_handle = NULL; - - dissector_table_foreach_handle(table_name, find_protocol_name_func, &user_protocol_name); /* Go and perform the search for this dissector in the this table's dissectors' names and shortnames */ - - if (user_protocol_name.nb_match != 0) { - dissector_matching = user_protocol_name.matched_handle; - if (user_protocol_name.nb_match > 1) { - cmdarg_err("WARNING: Protocol \"%s\" matched %u dissectors, first one will be used", dissector_str, user_protocol_name.nb_match); - } - } - else { - /* OK, check whether the problem is that there isn't any such - protocol, or that there is but it's not specified as a protocol - that's valid for that dissector table. - Note, we don't exit here, but dissector_matching will remain NULL, - so we exit below */ - if (proto_get_id_by_filter_name(dissector_str) == -1) { - /* No such protocol */ - cmdarg_err("Unknown protocol -- \"%s\"", dissector_str); - } else { - cmdarg_err("Protocol \"%s\" isn't valid for layer type \"%s\"", - dissector_str, table_name); - } - } - } - - if (!dissector_matching) { - cmdarg_err("Valid protocols for layer type \"%s\" are:", table_name); - fprint_all_protocols_for_layer_types(stderr, table_name); - g_free(decoded_param); - return FALSE; - } - -/* This is the end of the code that parses the command-line options. - All information is now stored in the variables: - table_name - selector - dissector_matching - The above variables that are strings are still pointing to areas within - decoded_parm. decoded_parm thus still needs to be kept allocated in - until we stop needing these variables - decoded_param will be deallocated at each exit point of this function */ - - - /* We now have a pointer to the handle for the requested dissector - (requested protocol) inside the variable dissector_matching */ - switch (dissector_table_selector_type) { - - case FT_UINT8: - case FT_UINT16: - case FT_UINT24: - case FT_UINT32: - /* The selector for this table is an unsigned number. */ - if (op == '\0') { - dissector_change_uint(table_name, selector, dissector_matching); - } else if (op == ':') { - for (i = selector; i < (guint64)selector + selector2; i++) { - dissector_change_uint(table_name, (guint32)i, dissector_matching); - } - } else { /* op == '-' */ - for (i = selector; i <= selector2; i++) { - dissector_change_uint(table_name, (guint32)i, dissector_matching); - } - } - break; - - case FT_STRING: - case FT_STRINGZ: - case FT_UINT_STRING: - case FT_STRINGZPAD: - /* The selector for this table is a string. */ - dissector_change_string(table_name, selector_str, dissector_matching); - break; - - default: - /* There are currently no dissector tables with any types other - than the ones listed above. */ - g_assert_not_reached(); - } - g_free(decoded_param); /* "Decode As" rule has been successfully added */ - return TRUE; -} - static void tfshark_log_handler (const gchar *log_domain, GLogLevelFlags log_level, const gchar *message, gpointer user_data) @@ -1097,7 +685,7 @@ main(int argc, char *argv[]) /* already processed; just ignore it now */ break; case 'd': /* Decode as rule */ - if (!add_decode_as(optarg)) + if (!decode_as_command_option(optarg)) return 1; break; #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS) diff --git a/tshark.c b/tshark.c index af38ab0702..87eea3d137 100644 --- a/tshark.c +++ b/tshark.c @@ -133,13 +133,6 @@ #define tshark_debug(...) #endif - -/* - * This is the template for the decode as option; it is shared between the - * various functions that output the usage for this parameter. - */ -static const gchar decode_as_arg_template[] = "==,"; - static guint32 cum_bytes; static const frame_data *ref; static frame_data ref_frame; @@ -148,8 +141,6 @@ static frame_data prev_dis_frame; static frame_data *prev_cap; static frame_data prev_cap_frame; -static const char* prev_display_dissector_name = NULL; - static gboolean perform_two_pass_analysis; /* @@ -350,7 +341,7 @@ print_usage(FILE *output) fprintf(output, " syntax\n"); fprintf(output, " -n disable all name resolutions (def: all enabled)\n"); fprintf(output, " -N enable specific name resolution(s): \"mnNtCd\"\n"); - fprintf(output, " -d %s ...\n", decode_as_arg_template); + fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE); fprintf(output, " \"Decode As\", see the man page for details\n"); fprintf(output, " Example: tcp.port==8888,http\n"); fprintf(output, " -H read a list of entries from a hosts file, which will\n"); @@ -454,413 +445,6 @@ glossary_option_help(void) fprintf(output, "\n"); } -/* - * For a dissector table, print on the stream described by output, - * its short name (which is what's used in the "-d" option) and its - * descriptive name. - */ -static void -display_dissector_table_names(const char *table_name, const char *ui_name, - gpointer output) -{ - if ((prev_display_dissector_name == NULL) || - (strcmp(prev_display_dissector_name, table_name) != 0)) { - fprintf((FILE *)output, "\t%s (%s)\n", table_name, ui_name); - prev_display_dissector_name = table_name; - } -} - -/* - * For a dissector handle, print on the stream described by output, - * the filter name (which is what's used in the "-d" option) and the full - * name for the protocol that corresponds to this handle. - */ -static void -display_dissector_names(const gchar *table _U_, gpointer handle, gpointer output) -{ - int proto_id; - const gchar *proto_filter_name; - const gchar *proto_ui_name; - - proto_id = dissector_handle_get_protocol_index((dissector_handle_t)handle); - - if (proto_id != -1) { - proto_filter_name = proto_get_protocol_filter_name(proto_id); - proto_ui_name = proto_get_protocol_name(proto_id); - g_assert(proto_filter_name != NULL); - g_assert(proto_ui_name != NULL); - - if ((prev_display_dissector_name == NULL) || - (strcmp(prev_display_dissector_name, proto_filter_name) != 0)) { - fprintf((FILE *)output, "\t%s (%s)\n", - proto_filter_name, - proto_ui_name); - prev_display_dissector_name = proto_filter_name; - } - } -} - -/* - * The protocol_name_search structure is used by find_protocol_name_func() - * to pass parameters and store results - */ -struct protocol_name_search{ - gchar *searched_name; /* Protocol filter name we are looking for */ - dissector_handle_t matched_handle; /* Handle for a dissector whose protocol has the specified filter name */ - guint nb_match; /* How many dissectors matched searched_name */ -}; -typedef struct protocol_name_search *protocol_name_search_t; - -/* - * This function parses all dissectors associated with a table to find the - * one whose protocol has the specified filter name. It is called - * as a reference function in a call to dissector_table_foreach_handle. - * The name we are looking for, as well as the results, are stored in the - * protocol_name_search struct pointed to by user_data. - * If called using dissector_table_foreach_handle, we actually parse the - * whole list of dissectors. - */ -static void -find_protocol_name_func(const gchar *table _U_, gpointer handle, gpointer user_data) - -{ - int proto_id; - const gchar *protocol_filter_name; - protocol_name_search_t search_info; - - g_assert(handle); - - search_info = (protocol_name_search_t)user_data; - - proto_id = dissector_handle_get_protocol_index((dissector_handle_t)handle); - if (proto_id != -1) { - protocol_filter_name = proto_get_protocol_filter_name(proto_id); - g_assert(protocol_filter_name != NULL); - if (strcmp(protocol_filter_name, search_info->searched_name) == 0) { - /* Found a match */ - if (search_info->nb_match == 0) { - /* Record this handle only if this is the first match */ - search_info->matched_handle = (dissector_handle_t)handle; /* Record the handle for this matching dissector */ - } - search_info->nb_match++; - } - } -} - -/* - * Allow dissector key names to be sorted alphabetically - */ - -static gint -compare_dissector_key_name(gconstpointer dissector_a, gconstpointer dissector_b) -{ - return strcmp((const char*)dissector_a, (const char*)dissector_b); -} - -/* - * Print all layer type names supported. - * We send the output to the stream described by the handle output. - */ - -static void -fprint_all_layer_types(FILE *output) - -{ - prev_display_dissector_name = NULL; - dissector_all_tables_foreach_table(display_dissector_table_names, (gpointer)output, (GCompareFunc)compare_dissector_key_name); -} - -/* - * Print all protocol names supported for a specific layer type. - * table_name contains the layer type name in which the search is performed. - * We send the output to the stream described by the handle output. - */ - -static void -fprint_all_protocols_for_layer_types(FILE *output, gchar *table_name) - -{ - prev_display_dissector_name = NULL; - dissector_table_foreach_handle(table_name, - display_dissector_names, - (gpointer)output); -} - -/* - * The function below parses the command-line parameters for the decode as - * feature (a string pointer by cl_param). - * It checks the format of the command-line, searches for a matching table - * and dissector. If a table/dissector match is not found, we display a - * summary of the available tables/dissectors (on stderr) and return FALSE. - * If everything is fine, we get the "Decode as" preference activated, - * then we return TRUE. - */ -static gboolean -add_decode_as(const gchar *cl_param) -{ - gchar *table_name; - guint32 selector, selector2; - gchar *decoded_param; - gchar *remaining_param; - gchar *selector_str; - gchar *dissector_str; - dissector_handle_t dissector_matching; - dissector_table_t table_matching; - ftenum_t dissector_table_selector_type; - struct protocol_name_search user_protocol_name; - guint64 i; - char op; - - /* The following code will allocate and copy the command-line options in a string pointed by decoded_param */ - - g_assert(cl_param); - decoded_param = g_strdup(cl_param); - g_assert(decoded_param); - - - /* The lines below will parse this string (modifying it) to extract all - necessary information. Note that decoded_param is still needed since - strings are not copied - we just save pointers. */ - - /* This section extracts a layer type (table_name) from decoded_param */ - table_name = decoded_param; /* Layer type string starts from beginning */ - - remaining_param = strchr(table_name, '='); - if (remaining_param == NULL) { - cmdarg_err("Parameter \"%s\" doesn't follow the template \"%s\"", cl_param, decode_as_arg_template); - /* If the argument does not follow the template, carry on anyway to check - if the table name is at least correct. If remaining_param is NULL, - we'll exit anyway further down */ - } - else { - *remaining_param = '\0'; /* Terminate the layer type string (table_name) where '=' was detected */ - } - - /* Remove leading and trailing spaces from the table name */ - while ( table_name[0] == ' ' ) - table_name++; - while ( table_name[strlen(table_name) - 1] == ' ' ) - table_name[strlen(table_name) - 1] = '\0'; /* Note: if empty string, while loop will eventually exit */ - -/* The following part searches a table matching with the layer type specified */ - table_matching = NULL; - -/* Look for the requested table */ - if ( !(*(table_name)) ) { /* Is the table name empty, if so, don't even search for anything, display a message */ - cmdarg_err("No layer type specified"); /* Note, we don't exit here, but table_matching will remain NULL, so we exit below */ - } - else { - table_matching = find_dissector_table(table_name); - if (!table_matching) { - cmdarg_err("Unknown layer type -- %s", table_name); /* Note, we don't exit here, but table_matching will remain NULL, so we exit below */ - } - } - - if (!table_matching) { - /* Display a list of supported layer types to help the user, if the - specified layer type was not found */ - cmdarg_err("Valid layer types are:"); - fprint_all_layer_types(stderr); - } - if (remaining_param == NULL || !table_matching) { - /* Exit if the layer type was not found, or if no '=' separator was found - (see above) */ - g_free(decoded_param); - return FALSE; - } - - if (*(remaining_param + 1) != '=') { /* Check for "==" and not only '=' */ - cmdarg_err("WARNING: -d requires \"==\" instead of \"=\". Option will be treated as \"%s==%s\"", table_name, remaining_param + 1); - } - else { - remaining_param++; /* Move to the second '=' */ - *remaining_param = '\0'; /* Remove the second '=' */ - } - remaining_param++; /* Position after the layer type string */ - - /* This section extracts a selector value (selector_str) from decoded_param */ - - selector_str = remaining_param; /* Next part starts with the selector number */ - - remaining_param = strchr(selector_str, ','); - if (remaining_param == NULL) { - cmdarg_err("Parameter \"%s\" doesn't follow the template \"%s\"", cl_param, decode_as_arg_template); - /* If the argument does not follow the template, carry on anyway to check - if the selector value is at least correct. If remaining_param is NULL, - we'll exit anyway further down */ - } - else { - *remaining_param = '\0'; /* Terminate the selector number string (selector_str) where ',' was detected */ - } - - dissector_table_selector_type = get_dissector_table_selector_type(table_name); - - switch (dissector_table_selector_type) { - - case FT_UINT8: - case FT_UINT16: - case FT_UINT24: - case FT_UINT32: - /* The selector for this table is an unsigned number. Parse it as such. - There's no need to remove leading and trailing spaces from the - selector number string, because sscanf will do that for us. */ - switch (sscanf(selector_str, "%u%c%u", &selector, &op, &selector2)) { - case 1: - op = '\0'; - break; - case 3: - if (op != ':' && op != '-') { - cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - if (op == ':') { - if ((selector2 == 0) || ((guint64)selector + selector2 - 1) > G_MAXUINT32) { - cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - } - else if (selector2 < selector) { - /* We could swap them for the user, but maybe it's better to call - * this out as an error in case it's not what was intended? */ - cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - break; - default: - cmdarg_err("Invalid selector number \"%s\"", selector_str); - g_free(decoded_param); - return FALSE; - } - break; - - case FT_STRING: - case FT_STRINGZ: - case FT_UINT_STRING: - case FT_STRINGZPAD: - /* The selector for this table is a string. */ - break; - - default: - /* There are currently no dissector tables with any types other - than the ones listed above. */ - g_assert_not_reached(); - } - - if (remaining_param == NULL) { - /* Exit if no ',' separator was found (see above) */ - cmdarg_err("Valid protocols for layer type \"%s\" are:", table_name); - fprint_all_protocols_for_layer_types(stderr, table_name); - g_free(decoded_param); - return FALSE; - } - - remaining_param++; /* Position after the selector number string */ - - /* This section extracts a protocol filter name (dissector_str) from decoded_param */ - - dissector_str = remaining_param; /* All the rest of the string is the dissector (decode as protocol) name */ - - /* Remove leading and trailing spaces from the dissector name */ - while ( dissector_str[0] == ' ' ) - dissector_str++; - while ( dissector_str[strlen(dissector_str) - 1] == ' ' ) - dissector_str[strlen(dissector_str) - 1] = '\0'; /* Note: if empty string, while loop will eventually exit */ - - dissector_matching = NULL; - - /* We now have a pointer to the handle for the requested table inside the variable table_matching */ - if ( ! (*dissector_str) ) { /* Is the dissector name empty, if so, don't even search for a matching dissector and display all dissectors found for the selected table */ - cmdarg_err("No protocol name specified"); /* Note, we don't exit here, but dissector_matching will remain NULL, so we exit below */ - } - else { - user_protocol_name.nb_match = 0; - user_protocol_name.searched_name = dissector_str; - user_protocol_name.matched_handle = NULL; - - dissector_table_foreach_handle(table_name, find_protocol_name_func, &user_protocol_name); /* Go and perform the search for this dissector in the this table's dissectors' names and shortnames */ - - if (user_protocol_name.nb_match != 0) { - dissector_matching = user_protocol_name.matched_handle; - if (user_protocol_name.nb_match > 1) { - cmdarg_err("WARNING: Protocol \"%s\" matched %u dissectors, first one will be used", dissector_str, user_protocol_name.nb_match); - } - } - else { - /* OK, check whether the problem is that there isn't any such - protocol, or that there is but it's not specified as a protocol - that's valid for that dissector table. - Note, we don't exit here, but dissector_matching will remain NULL, - so we exit below */ - if (proto_get_id_by_filter_name(dissector_str) == -1) { - /* No such protocol */ - cmdarg_err("Unknown protocol -- \"%s\"", dissector_str); - } else { - cmdarg_err("Protocol \"%s\" isn't valid for layer type \"%s\"", - dissector_str, table_name); - } - } - } - - if (!dissector_matching) { - cmdarg_err("Valid protocols for layer type \"%s\" are:", table_name); - fprint_all_protocols_for_layer_types(stderr, table_name); - g_free(decoded_param); - return FALSE; - } - -/* This is the end of the code that parses the command-line options. - All information is now stored in the variables: - table_name - selector - dissector_matching - The above variables that are strings are still pointing to areas within - decoded_parm. decoded_parm thus still needs to be kept allocated in - until we stop needing these variables - decoded_param will be deallocated at each exit point of this function */ - - - /* We now have a pointer to the handle for the requested dissector - (requested protocol) inside the variable dissector_matching */ - switch (dissector_table_selector_type) { - - case FT_UINT8: - case FT_UINT16: - case FT_UINT24: - case FT_UINT32: - /* The selector for this table is an unsigned number. */ - if (op == '\0') { - dissector_change_uint(table_name, selector, dissector_matching); - } else if (op == ':') { - for (i = selector; i < (guint64)selector + selector2; i++) { - dissector_change_uint(table_name, (guint32)i, dissector_matching); - } - } else { /* op == '-' */ - for (i = selector; i <= selector2; i++) { - dissector_change_uint(table_name, (guint32)i, dissector_matching); - } - } - break; - - case FT_STRING: - case FT_STRINGZ: - case FT_UINT_STRING: - case FT_STRINGZPAD: - /* The selector for this table is a string. */ - dissector_change_string(table_name, selector_str, dissector_matching); - break; - - default: - /* There are currently no dissector tables with any types other - than the ones listed above. */ - g_assert_not_reached(); - } - g_free(decoded_param); /* "Decode As" rule has been successfully added */ - return TRUE; -} - static void tshark_log_handler (const gchar *log_domain, GLogLevelFlags log_level, const gchar *message, gpointer user_data) @@ -1436,7 +1020,7 @@ main(int argc, char *argv[]) /* already processed; just ignore it now */ break; case 'd': /* Decode as rule */ - if (!add_decode_as(optarg)) + if (!decode_as_command_option(optarg)) return 1; break; #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS) diff --git a/ui/commandline.c b/ui/commandline.c index 4e6f28dba8..04b2d1cab9 100644 --- a/ui/commandline.c +++ b/ui/commandline.c @@ -1,4 +1,4 @@ -/* commandline.h +/* commandline.c * Common command line handling between GUIs * * Wireshark - Network traffic analyzer @@ -56,6 +56,7 @@ #include "preference_utils.h" #include "console.h" #include "recent.h" +#include "decode_as_utils.h" #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS) #include @@ -134,6 +135,9 @@ commandline_print_usage(gboolean for_help_option) { fprintf(output, " -R packet filter in Wireshark display filter syntax\n"); fprintf(output, " -n disable all name resolutions (def: all enabled)\n"); fprintf(output, " -N enable specific name resolution(s): \"mnNtd\"\n"); + fprintf(output, " -d %s ...\n", DECODE_AS_ARG_TEMPLATE); + fprintf(output, " \"Decode As\", see the man page for details\n"); + fprintf(output, " Example: tcp.port==8888,http\n"); fprintf(output, " --disable-protocol \n"); fprintf(output, " disable dissection of proto_name\n"); fprintf(output, " --enable-heuristic \n"); @@ -176,7 +180,7 @@ commandline_print_usage(gboolean for_help_option) { #endif } -#define OPTSTRING OPTSTRING_CAPTURE_COMMON "C:g:Hh" "jJ:kK:lm:nN:o:P:r:R:St:u:vw:X:Y:z:" +#define OPTSTRING OPTSTRING_CAPTURE_COMMON "C:d:g:Hh" "jJ:kK:lm:nN:o:P:r:R:St:u:vw:X:Y:z:" static const struct option long_options[] = { {"help", no_argument, NULL, 'h'}, {"read-file", required_argument, NULL, 'r' }, @@ -400,6 +404,10 @@ void commandline_other_options(int argc, char *argv[], commandline_param_info_t* case 'C': /* Configuration profile settings were already processed just ignore them this time*/ break; + case 'd': /* Decode as rule */ + if (!decode_as_command_option(optarg)) + exit(1); + break; case 'j': /* Search backwards for a matching packet from filter in option J */ param_info->jump_backwards = SD_BACKWARD; break; diff --git a/ui/decode_as_utils.c b/ui/decode_as_utils.c index ce66fd2ecf..aec14d5f8d 100644 --- a/ui/decode_as_utils.c +++ b/ui/decode_as_utils.c @@ -37,6 +37,7 @@ #include "wsutil/file_util.h" #include "wsutil/filesystem.h" +#include "wsutil/cmdarg_err.h" #include "ws_version_info.h" /* XXX - We might want to switch this to a UAT */ @@ -345,6 +346,415 @@ save_decode_as_entries(gchar** err) return 0; } +static const char* prev_display_dissector_name = NULL; + +/* +* For a dissector table, print on the stream described by output, +* its short name (which is what's used in the "-d" option) and its +* descriptive name. +*/ +static void +display_dissector_table_names(const char *table_name, const char *ui_name, +gpointer output) +{ + if ((prev_display_dissector_name == NULL) || + (strcmp(prev_display_dissector_name, table_name) != 0)) { + fprintf((FILE *)output, "\t%s (%s)\n", table_name, ui_name); + prev_display_dissector_name = table_name; + } +} + +/* +* For a dissector handle, print on the stream described by output, +* the filter name (which is what's used in the "-d" option) and the full +* name for the protocol that corresponds to this handle. +*/ +static void +display_dissector_names(const gchar *table _U_, gpointer handle, gpointer output) +{ + int proto_id; + const gchar *proto_filter_name; + const gchar *proto_ui_name; + + proto_id = dissector_handle_get_protocol_index((dissector_handle_t)handle); + + if (proto_id != -1) { + proto_filter_name = proto_get_protocol_filter_name(proto_id); + proto_ui_name = proto_get_protocol_name(proto_id); + g_assert(proto_filter_name != NULL); + g_assert(proto_ui_name != NULL); + + if ((prev_display_dissector_name == NULL) || + (strcmp(prev_display_dissector_name, proto_filter_name) != 0)) { + fprintf((FILE *)output, "\t%s (%s)\n", + proto_filter_name, + proto_ui_name); + prev_display_dissector_name = proto_filter_name; + } + } +} + +/* +* Allow dissector key names to be sorted alphabetically +*/ + +static gint +compare_dissector_key_name(gconstpointer dissector_a, gconstpointer dissector_b) +{ + return strcmp((const char*)dissector_a, (const char*)dissector_b); +} + +/* +* Print all layer type names supported. +* We send the output to the stream described by the handle output. +*/ +static void +fprint_all_layer_types(FILE *output) + +{ + prev_display_dissector_name = NULL; + dissector_all_tables_foreach_table(display_dissector_table_names, (gpointer)output, (GCompareFunc)compare_dissector_key_name); +} + +/* +* Print all protocol names supported for a specific layer type. +* table_name contains the layer type name in which the search is performed. +* We send the output to the stream described by the handle output. +*/ +static void +fprint_all_protocols_for_layer_types(FILE *output, gchar *table_name) + +{ + prev_display_dissector_name = NULL; + dissector_table_foreach_handle(table_name, + display_dissector_names, + (gpointer)output); +} + +/* +* The protocol_name_search structure is used by find_protocol_name_func() +* to pass parameters and store results +*/ +struct protocol_name_search{ + gchar *searched_name; /* Protocol filter name we are looking for */ + dissector_handle_t matched_handle; /* Handle for a dissector whose protocol has the specified filter name */ + guint nb_match; /* How many dissectors matched searched_name */ +}; +typedef struct protocol_name_search *protocol_name_search_t; + +/* +* This function parses all dissectors associated with a table to find the +* one whose protocol has the specified filter name. It is called +* as a reference function in a call to dissector_table_foreach_handle. +* The name we are looking for, as well as the results, are stored in the +* protocol_name_search struct pointed to by user_data. +* If called using dissector_table_foreach_handle, we actually parse the +* whole list of dissectors. +*/ +static void +find_protocol_name_func(const gchar *table _U_, gpointer handle, gpointer user_data) + +{ + int proto_id; + const gchar *protocol_filter_name; + protocol_name_search_t search_info; + + g_assert(handle); + + search_info = (protocol_name_search_t)user_data; + + proto_id = dissector_handle_get_protocol_index((dissector_handle_t)handle); + if (proto_id != -1) { + protocol_filter_name = proto_get_protocol_filter_name(proto_id); + g_assert(protocol_filter_name != NULL); + if (strcmp(protocol_filter_name, search_info->searched_name) == 0) { + /* Found a match */ + if (search_info->nb_match == 0) { + /* Record this handle only if this is the first match */ + search_info->matched_handle = (dissector_handle_t)handle; /* Record the handle for this matching dissector */ + } + search_info->nb_match++; + } + } +} + +/* +* The function below parses the command-line parameters for the decode as +* feature (a string pointer by cl_param). +* It checks the format of the command-line, searches for a matching table +* and dissector. If a table/dissector match is not found, we display a +* summary of the available tables/dissectors (on stderr) and return FALSE. +* If everything is fine, we get the "Decode as" preference activated, +* then we return TRUE. +*/ +gboolean decode_as_command_option(const gchar *cl_param) +{ + gchar *table_name; + guint32 selector, selector2; + gchar *decoded_param; + gchar *remaining_param; + gchar *selector_str; + gchar *dissector_str; + dissector_handle_t dissector_matching; + dissector_table_t table_matching; + ftenum_t dissector_table_selector_type; + struct protocol_name_search user_protocol_name; + guint64 i; + char op; + + /* The following code will allocate and copy the command-line options in a string pointed by decoded_param */ + + g_assert(cl_param); + decoded_param = g_strdup(cl_param); + g_assert(decoded_param); + + + /* The lines below will parse this string (modifying it) to extract all + necessary information. Note that decoded_param is still needed since + strings are not copied - we just save pointers. */ + + /* This section extracts a layer type (table_name) from decoded_param */ + table_name = decoded_param; /* Layer type string starts from beginning */ + + remaining_param = strchr(table_name, '='); + if (remaining_param == NULL) { + cmdarg_err("Parameter \"%s\" doesn't follow the template \"%s\"", cl_param, DECODE_AS_ARG_TEMPLATE); + /* If the argument does not follow the template, carry on anyway to check + if the table name is at least correct. If remaining_param is NULL, + we'll exit anyway further down */ + } + else { + *remaining_param = '\0'; /* Terminate the layer type string (table_name) where '=' was detected */ + } + + /* Remove leading and trailing spaces from the table name */ + while (table_name[0] == ' ') + table_name++; + while (table_name[strlen(table_name) - 1] == ' ') + table_name[strlen(table_name) - 1] = '\0'; /* Note: if empty string, while loop will eventually exit */ + + /* The following part searches a table matching with the layer type specified */ + table_matching = NULL; + + /* Look for the requested table */ + if (!(*(table_name))) { /* Is the table name empty, if so, don't even search for anything, display a message */ + cmdarg_err("No layer type specified"); /* Note, we don't exit here, but table_matching will remain NULL, so we exit below */ + } + else { + table_matching = find_dissector_table(table_name); + if (!table_matching) { + cmdarg_err("Unknown layer type -- %s", table_name); /* Note, we don't exit here, but table_matching will remain NULL, so we exit below */ + } + } + + if (!table_matching) { + /* Display a list of supported layer types to help the user, if the + specified layer type was not found */ + cmdarg_err("Valid layer types are:"); + fprint_all_layer_types(stderr); + } + if (remaining_param == NULL || !table_matching) { + /* Exit if the layer type was not found, or if no '=' separator was found + (see above) */ + g_free(decoded_param); + return FALSE; + } + + if (*(remaining_param + 1) != '=') { /* Check for "==" and not only '=' */ + cmdarg_err("WARNING: -d requires \"==\" instead of \"=\". Option will be treated as \"%s==%s\"", table_name, remaining_param + 1); + } + else { + remaining_param++; /* Move to the second '=' */ + *remaining_param = '\0'; /* Remove the second '=' */ + } + remaining_param++; /* Position after the layer type string */ + + /* This section extracts a selector value (selector_str) from decoded_param */ + + selector_str = remaining_param; /* Next part starts with the selector number */ + + remaining_param = strchr(selector_str, ','); + if (remaining_param == NULL) { + cmdarg_err("Parameter \"%s\" doesn't follow the template \"%s\"", cl_param, DECODE_AS_ARG_TEMPLATE); + /* If the argument does not follow the template, carry on anyway to check + if the selector value is at least correct. If remaining_param is NULL, + we'll exit anyway further down */ + } + else { + *remaining_param = '\0'; /* Terminate the selector number string (selector_str) where ',' was detected */ + } + + dissector_table_selector_type = get_dissector_table_selector_type(table_name); + + switch (dissector_table_selector_type) { + + case FT_UINT8: + case FT_UINT16: + case FT_UINT24: + case FT_UINT32: + /* The selector for this table is an unsigned number. Parse it as such. + There's no need to remove leading and trailing spaces from the + selector number string, because sscanf will do that for us. */ + switch (sscanf(selector_str, "%u%c%u", &selector, &op, &selector2)) { + case 1: + op = '\0'; + break; + case 3: + if (op != ':' && op != '-') { + cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); + g_free(decoded_param); + return FALSE; + } + if (op == ':') { + if ((selector2 == 0) || ((guint64)selector + selector2 - 1) > G_MAXUINT32) { + cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); + g_free(decoded_param); + return FALSE; + } + } + else if (selector2 < selector) { + /* We could swap them for the user, but maybe it's better to call + * this out as an error in case it's not what was intended? */ + cmdarg_err("Invalid selector numeric range \"%s\"", selector_str); + g_free(decoded_param); + return FALSE; + } + break; + default: + cmdarg_err("Invalid selector number \"%s\"", selector_str); + g_free(decoded_param); + return FALSE; + } + break; + + case FT_STRING: + case FT_STRINGZ: + case FT_UINT_STRING: + case FT_STRINGZPAD: + /* The selector for this table is a string. */ + break; + + default: + /* There are currently no dissector tables with any types other + than the ones listed above. */ + g_assert_not_reached(); + } + + if (remaining_param == NULL) { + /* Exit if no ',' separator was found (see above) */ + cmdarg_err("Valid protocols for layer type \"%s\" are:", table_name); + fprint_all_protocols_for_layer_types(stderr, table_name); + g_free(decoded_param); + return FALSE; + } + + remaining_param++; /* Position after the selector number string */ + + /* This section extracts a protocol filter name (dissector_str) from decoded_param */ + + dissector_str = remaining_param; /* All the rest of the string is the dissector (decode as protocol) name */ + + /* Remove leading and trailing spaces from the dissector name */ + while (dissector_str[0] == ' ') + dissector_str++; + while (dissector_str[strlen(dissector_str) - 1] == ' ') + dissector_str[strlen(dissector_str) - 1] = '\0'; /* Note: if empty string, while loop will eventually exit */ + + dissector_matching = NULL; + + /* We now have a pointer to the handle for the requested table inside the variable table_matching */ + if (!(*dissector_str)) { /* Is the dissector name empty, if so, don't even search for a matching dissector and display all dissectors found for the selected table */ + cmdarg_err("No protocol name specified"); /* Note, we don't exit here, but dissector_matching will remain NULL, so we exit below */ + } + else { + user_protocol_name.nb_match = 0; + user_protocol_name.searched_name = dissector_str; + user_protocol_name.matched_handle = NULL; + + dissector_table_foreach_handle(table_name, find_protocol_name_func, &user_protocol_name); /* Go and perform the search for this dissector in the this table's dissectors' names and shortnames */ + + if (user_protocol_name.nb_match != 0) { + dissector_matching = user_protocol_name.matched_handle; + if (user_protocol_name.nb_match > 1) { + cmdarg_err("WARNING: Protocol \"%s\" matched %u dissectors, first one will be used", dissector_str, user_protocol_name.nb_match); + } + } + else { + /* OK, check whether the problem is that there isn't any such + protocol, or that there is but it's not specified as a protocol + that's valid for that dissector table. + Note, we don't exit here, but dissector_matching will remain NULL, + so we exit below */ + if (proto_get_id_by_filter_name(dissector_str) == -1) { + /* No such protocol */ + cmdarg_err("Unknown protocol -- \"%s\"", dissector_str); + } + else { + cmdarg_err("Protocol \"%s\" isn't valid for layer type \"%s\"", + dissector_str, table_name); + } + } + } + + if (!dissector_matching) { + cmdarg_err("Valid protocols for layer type \"%s\" are:", table_name); + fprint_all_protocols_for_layer_types(stderr, table_name); + g_free(decoded_param); + return FALSE; + } + + /* This is the end of the code that parses the command-line options. + All information is now stored in the variables: + table_name + selector + dissector_matching + The above variables that are strings are still pointing to areas within + decoded_parm. decoded_parm thus still needs to be kept allocated in + until we stop needing these variables + decoded_param will be deallocated at each exit point of this function */ + + + /* We now have a pointer to the handle for the requested dissector + (requested protocol) inside the variable dissector_matching */ + switch (dissector_table_selector_type) { + + case FT_UINT8: + case FT_UINT16: + case FT_UINT24: + case FT_UINT32: + /* The selector for this table is an unsigned number. */ + if (op == '\0') { + dissector_change_uint(table_name, selector, dissector_matching); + } + else if (op == ':') { + for (i = selector; i < (guint64)selector + selector2; i++) { + dissector_change_uint(table_name, (guint32)i, dissector_matching); + } + } + else { /* op == '-' */ + for (i = selector; i <= selector2; i++) { + dissector_change_uint(table_name, (guint32)i, dissector_matching); + } + } + break; + + case FT_STRING: + case FT_STRINGZ: + case FT_UINT_STRING: + case FT_STRINGZPAD: + /* The selector for this table is a string. */ + dissector_change_string(table_name, selector_str, dissector_matching); + break; + + default: + /* There are currently no dissector tables with any types other + than the ones listed above. */ + g_assert_not_reached(); + } + g_free(decoded_param); /* "Decode As" rule has been successfully added */ + return TRUE; +} + /* * Editor modelines * diff --git a/ui/decode_as_utils.h b/ui/decode_as_utils.h index a8beadef9c..50008182d4 100644 --- a/ui/decode_as_utils.h +++ b/ui/decode_as_utils.h @@ -73,6 +73,14 @@ void decode_build_reset_list (const gchar *table_name, ftenum_t selector_type, */ void decode_clear_all(void); +/* +* This is the template for the decode as option; it is shared between the +* various functions that output the usage for this parameter. +*/ +#define DECODE_AS_ARG_TEMPLATE "==," + +gboolean decode_as_command_option(const gchar *cl_param); + #ifdef __cplusplus } #endif /* __cplusplus */ -- cgit v1.2.3