diff options
author | Guy Harris <guy@alum.mit.edu> | 2014-07-04 00:24:02 -0700 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2014-07-04 07:25:26 +0000 |
commit | 9e6487f24751d1c1a047ee82e158077ac67c9c68 (patch) | |
tree | 3cc4a8524062948f4951914dc9af489e0d7c4572 /caputils/capture_wpcap_packet.c | |
parent | c5643a3d257909ed3e8752cd729b9192ae719683 (diff) |
Move utility routines for capturing into a libcaputils static library.
Some of those routines are used only in dumpcap; others are used in
TShark and Wireshark as well.
Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7
Reviewed-on: https://code.wireshark.org/review/2841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'caputils/capture_wpcap_packet.c')
-rw-r--r-- | caputils/capture_wpcap_packet.c | 331 |
1 files changed, 331 insertions, 0 deletions
diff --git a/caputils/capture_wpcap_packet.c b/caputils/capture_wpcap_packet.c new file mode 100644 index 0000000000..5b3ffc479d --- /dev/null +++ b/caputils/capture_wpcap_packet.c @@ -0,0 +1,331 @@ +/* capture_wpcap_packet.c + * WinPcap-specific interfaces for low-level information (packet.dll). + * We load WinPcap at run + * time, so that we only need one Wireshark binary and one TShark binary + * for Windows, regardless of whether WinPcap is installed or not. + * + * Wireshark - Network traffic analyzer + * By Gerald Combs <gerald@wireshark.org> + * Copyright 2001 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "config.h" + +#if defined HAVE_LIBPCAP && defined _WIN32 + +#include <glib.h> +#include <gmodule.h> + +#include <pcap.h> + +/* XXX - yes, I know, I should move cppmagic.h to a generic location. */ +#include "tools/lemon/cppmagic.h" + +#include <epan/value_string.h> + +#include <winsock2.h> /* Needed here to force a definition of WINVER */ + /* for some (all ?) Microsoft compilers newer than vc6. */ + /* (If windows.h were used instead, there might be */ + /* issues re winsock.h included before winsock2.h ) */ +#include <windowsx.h> +#include <Ntddndis.h> + +#include "caputils/capture_wpcap_packet.h" +#include <wsutil/file_util.h> + +/* packet32.h requires sockaddr_storage + * whether sockaddr_storage is defined or not depends on the Platform SDK + * version installed. The only one not defining it is the SDK that comes + * with MSVC 6.0 (WINVER 0x0400). + * + * copied from RFC2553 (and slightly modified because of datatypes) ... + * XXX - defined more than once, move this to a header file */ +#ifndef WINVER +#error WINVER not defined .... +#endif +#if (WINVER <= 0x0400) && defined(_MSC_VER) +typedef unsigned short eth_sa_family_t; + +/* + * Desired design of maximum size and alignment + */ +#define ETH_SS_MAXSIZE 128 /* Implementation specific max size */ +#define ETH_SS_ALIGNSIZE (sizeof (gint64 /*int64_t*/)) + /* Implementation specific desired alignment */ +/* + * Definitions used for sockaddr_storage structure paddings design. + */ +#define ETH_SS_PAD1SIZE (ETH_SS_ALIGNSIZE - sizeof (eth_sa_family_t)) +#define ETH_SS_PAD2SIZE (ETH_SS_MAXSIZE - (sizeof (eth_sa_family_t) + \ + ETH_SS_PAD1SIZE + ETH_SS_ALIGNSIZE)) + +struct sockaddr_storage { + eth_sa_family_t __ss_family; /* address family */ + /* Following fields are implementation specific */ + char __ss_pad1[ETH_SS_PAD1SIZE]; + /* 6 byte pad, this is to make implementation */ + /* specific pad up to alignment field that */ + /* follows explicit in the data structure */ + gint64 /*int64_t*/ __ss_align; /* field to force desired structure */ + /* storage alignment */ + char __ss_pad2[ETH_SS_PAD2SIZE]; + /* 112 byte pad to achieve desired size, */ + /* _SS_MAXSIZE value minus size of ss_family */ + /* __ss_pad1, __ss_align fields is 112 */ +}; +/* ... copied from RFC2553 */ +#endif /* WINVER */ + +#include <Packet32.h> + +gboolean has_wpacket = FALSE; + + +/* This module will use the PacketRequest function in packet.dll (coming with WinPcap) to "directly" access + * the Win32 NDIS network driver(s) and ask for various values (status, statistics, ...). + * + * Unfortunately, the definitions required for this are not available through the usual windows header files, + * but require the Windows "Device Driver Kit" which is not available for free :-( + * + * Fortunately, the definitions needed to access the various NDIS values are available from various OSS projects: + * - WinPcap in Ntddndis.h + * - Ndiswrapper in driver/ndis.h and driver/iw_ndis.h + * - cygwin (MingW?) in usr/include/w32api/ddk/ndis.h and ntddndis.h + * - FreeBSD (netperf) + */ + +/* The MSDN description of the NDIS driver API is available at: +/* MSDN Home > MSDN Library > Win32 and COM Development > Driver Development Kit > Network Devices and Protocols > Reference */ +/* "NDIS Objects" */ +/* http://msdn.microsoft.com/library/default.asp?url=/library/en-us/network/hh/network/21oidovw_d55042e5-0b8a-4439-8ef2-be7331e98464.xml.asp */ + +/* Some more interesting links: + * http://sourceforge.net/projects/ndiswrapper/ + * http://www.osronline.com/lists_archive/windbg/thread521.html + * http://cvs.sourceforge.net/viewcvs.py/mingw/w32api/include/ddk/ndis.h?view=markup + * http://cvs.sourceforge.net/viewcvs.py/mingw/w32api/include/ddk/ntddndis.h?view=markup + */ + + + +/******************************************************************************************************************************/ +/* stuff to load WinPcap's packet.dll and the functions required from it */ + +static PCHAR (*p_PacketGetVersion) (void); +static LPADAPTER (*p_PacketOpenAdapter) (char *adaptername); +static void (*p_PacketCloseAdapter) (LPADAPTER); +static int (*p_PacketRequest) (LPADAPTER, int, void *); + +typedef struct { + const char *name; + gpointer *ptr; + gboolean optional; +} symbol_table_t; + +#define SYM(x, y) { G_STRINGIFY(x) , (gpointer) &CONCAT(p_,x), y } + +void +wpcap_packet_load(void) +{ + + /* These are the symbols I need or want from packet.dll */ + static const symbol_table_t symbols[] = { + SYM(PacketGetVersion, FALSE), + SYM(PacketOpenAdapter, FALSE), + SYM(PacketCloseAdapter, FALSE), + SYM(PacketRequest, FALSE), + { NULL, NULL, FALSE } + }; + + GModule *wh; /* wpcap handle */ + const symbol_table_t *sym; + + wh = ws_module_open("packet.dll", 0); + + if (!wh) { + return; + } + + sym = symbols; + while (sym->name) { + if (!g_module_symbol(wh, sym->name, sym->ptr)) { + if (sym->optional) { + /* + * We don't care if it's missing; we just + * don't use it. + */ + *sym->ptr = NULL; + } else { + /* + * We require this symbol. + */ + return; + } + } + sym++; + } + + has_wpacket = TRUE; +} + + + +/******************************************************************************************************************************/ +/* functions to access the NDIS driver values */ + + +/* get dll version */ +char * +wpcap_packet_get_version(void) +{ + if(!has_wpacket) { + return NULL; + } + return p_PacketGetVersion(); +} + + +/* open the interface */ +void * +wpcap_packet_open(char *if_name) +{ + LPADAPTER adapter; + + g_assert(has_wpacket); + adapter = p_PacketOpenAdapter(if_name); + + return adapter; +} + + +/* close the interface */ +void +wpcap_packet_close(void *adapter) +{ + + g_assert(has_wpacket); + p_PacketCloseAdapter(adapter); +} + + +/* do a packet request call */ +int +wpcap_packet_request(void *adapter, ULONG Oid, int set, char *value, unsigned int *length) +{ + BOOLEAN Status; + ULONG IoCtlBufferLength=(sizeof(PACKET_OID_DATA) + (*length) - 1); + PPACKET_OID_DATA OidData; + + + g_assert(has_wpacket); + + if(p_PacketRequest == NULL) { + g_warning("packet_request not available\n"); + return 0; + } + + /* get a buffer suitable for PacketRequest() */ + OidData=GlobalAllocPtr(GMEM_MOVEABLE | GMEM_ZEROINIT,IoCtlBufferLength); + if (OidData == NULL) { + g_warning("GlobalAllocPtr failed for %u\n", IoCtlBufferLength); + return 0; + } + + OidData->Oid = Oid; + OidData->Length = *length; + memcpy(OidData->Data, value, *length); + + Status = p_PacketRequest(adapter, set, OidData); + + if(Status) { + if(OidData->Length <= *length) { + /* copy value from driver */ + memcpy(value, OidData->Data, OidData->Length); + *length = OidData->Length; + } else { + /* the driver returned a value that is longer than expected (and longer than the given buffer) */ + g_warning("returned oid too long, Oid: 0x%x OidLen:%u MaxLen:%u", Oid, OidData->Length, *length); + Status = FALSE; + } + } + + GlobalFreePtr (OidData); + + if(Status) { + return 1; + } else { + return 0; + } +} + + +/* get an UINT value using the packet request call */ +int +wpcap_packet_request_uint(void *adapter, ULONG Oid, UINT *value) +{ + BOOLEAN Status; + int length = sizeof(UINT); + + + Status = wpcap_packet_request(adapter, Oid, FALSE /* !set */, (char *) value, &length); + if(Status && length == sizeof(UINT)) { + return 1; + } else { + return 0; + } +} + + +/* get an ULONG value using the NDIS packet request call */ +int +wpcap_packet_request_ulong(void *adapter, ULONG Oid, ULONG *value) +{ + BOOLEAN Status; + int length = sizeof(ULONG); + + + Status = wpcap_packet_request(adapter, Oid, FALSE /* !set */, (char *) value, &length); + if(Status && length == sizeof(ULONG)) { + return 1; + } else { + return 0; + } +} + + +#else /* HAVE_LIBPCAP && _WIN32 */ + +void +wpcap_packet_load(void) +{ + return; +} + +#endif /* HAVE_LIBPCAP */ + +/* + * Editor modelines - http://www.wireshark.org/tools/modelines.html + * + * Local variables: + * c-basic-offset: 4 + * tab-width: 8 + * indent-tabs-mode: nil + * End: + * + * ex: set shiftwidth=4 tabstop=8 expandtab: + * :indentSize=4:tabSize=8:noTabs=true: + */ |