From c80c16759ba23e29c70ec8fbe62e0a9870685a66 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Fri, 19 Feb 2021 14:46:42 -0800 Subject: wiretap: eliminate two WTAP_FILE_TYPE_SUBTYPE_ values. Eliminate WTAP_FILE_TYPE_SUBTYPE_ERF and WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL - instead, fetch the values by name, using wtap_name_to_file_type_subtype(). This requires that wtap_init() be called before epan_init(); that's currently the case, but put in comments to indicate why it must continue to be the case. --- dftest.c | 5 +++++ epan/dissectors/packet-erf.c | 6 +++++- epan/dissectors/packet-systemd-journal.c | 6 +++++- fuzz/fuzzshark.c | 5 +++++ rawshark.c | 10 ++++++++++ sharkd.c | 5 +++++ tfshark.c | 12 ++++++++++++ tshark.c | 5 +++++ ui/qt/main.cpp | 5 +++++ wiretap/erf.c | 25 +++++++++++++++++++++++-- wiretap/file_access.c | 14 -------------- wiretap/systemd_journal.c | 24 +++++++++++++++++++++++- wiretap/wtap.h | 2 -- 13 files changed, 103 insertions(+), 21 deletions(-) diff --git a/dftest.c b/dftest.c index ec6b00e251..5ccd16ea08 100644 --- a/dftest.c +++ b/dftest.c @@ -71,6 +71,11 @@ main(int argc, char **argv) timestamp_set_type(TS_RELATIVE); timestamp_set_seconds_type(TS_SECONDS_DEFAULT); + /* + * Libwiretap must be initialized before libwireshark is, so that + * dissection-time handlers for file-type-dependent blocks can + * register using the file type/subtype value for the file type. + */ wtap_init(TRUE); /* Register all dissectors; we must do this before checking for the diff --git a/epan/dissectors/packet-erf.c b/epan/dissectors/packet-erf.c index a8a5abe7bb..241eaab87e 100644 --- a/epan/dissectors/packet-erf.c +++ b/epan/dissectors/packet-erf.c 
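Review bot: The ordering requirement added above `wtap_init(TRUE);` in dftest.c is carried only by a comment, and the same text is pasted into fuzz/fuzzshark.c, rawshark.c, sharkd.c, tfshark.c, tshark.c and ui/qt/main.cpp, so nothing visible in this commit fails when a new entry point gets the order wrong. The comment would be more useful if it named the symptom: judging by the `!= -1` checks in the two handoff routines of this commit, a reversed order appears to leave the ERF and systemd-journal record dissectors unregistered without any message. A suggested extra comment line is `* If the order is reversed, wtap_name_to_file_type_subtype() fails and the "wtap_fts_rec" handlers are silently not registered.` main() starts and ends outside the hunk.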
@@ -3863,9 +3863,13 @@ proto_register_erf(void) void proto_reg_handoff_erf(void) { + int file_type_subtype_erf; + dissector_add_uint("wtap_encap", WTAP_ENCAP_ERF, erf_handle); /* Also register dissector for Provenance non-packet records */ - dissector_add_uint("wtap_fts_rec", WTAP_FILE_TYPE_SUBTYPE_ERF, erf_handle); + file_type_subtype_erf = wtap_name_to_file_type_subtype("erf"); + if (file_type_subtype_erf != -1) + dissector_add_uint("wtap_fts_rec", file_type_subtype_erf, erf_handle); /* Get handles for serial line protocols */ chdlc_handle = find_dissector_add_dependency("chdlc", proto_erf); diff --git a/epan/dissectors/packet-systemd-journal.c b/epan/dissectors/packet-systemd-journal.c index b2d03f5914..9b450552c1 100644 --- a/epan/dissectors/packet-systemd-journal.c +++ b/epan/dissectors/packet-systemd-journal.c @@ -889,7 +889,11 @@ proto_register_systemd_journal(void) void proto_reg_handoff_systemd_journal(void) { - dissector_add_uint("wtap_fts_rec", WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL, sje_handle); + int file_type_subtype_systemd_journal; + + file_type_subtype_systemd_journal = wtap_name_to_file_type_subtype("systemd_journal"); + if (file_type_subtype_systemd_journal != -1) + dissector_add_uint("wtap_fts_rec", file_type_subtype_systemd_journal, sje_handle); dissector_add_uint("pcapng.block_type", BLOCK_TYPE_SYSTEMD_JOURNAL, sje_handle); // It's possible to ship journal entries over HTTP/HTTPS using // systemd-journal-remote. Dissecting them on the wire isn't very diff --git a/fuzz/fuzzshark.c b/fuzz/fuzzshark.c index d9287823ac..3bcfca451a 100644 --- a/fuzz/fuzzshark.c +++ b/fuzz/fuzzshark.c 
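Review bot: In proto_reg_handoff_erf() a failed lookup is dropped silently: when `wtap_name_to_file_type_subtype("erf")` returns -1 the "wtap_fts_rec" registration is skipped with no diagnostic, and proto_reg_handoff_systemd_journal() in the next file does the same for "systemd_journal". With the old compile-time constant this registration could not be missed; now an initialization-order regression or a changed short name would presumably leave Provenance and journal records undissected, with no hint to the person reading the capture that records are being passed over. An else branch that reports the failure would make it visible, for example `else g_warning("erf: file type \"erf\" not registered; wtap_init() must precede epan_init()");`, using whichever logging call the dissectors normally use. Both function bodies continue past the end of their hunks.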
@@ -280,6 +280,11 @@ fuzz_init(int argc _U_, char **argv) timestamp_set_precision(TS_PREC_AUTO); timestamp_set_seconds_type(TS_SECONDS_DEFAULT); + /* + * Libwiretap must be initialized before libwireshark is, so that + * dissection-time handlers for file-type-dependent blocks can + * register using the file type/subtype value for the file type. + */ wtap_init(TRUE); /* Register all dissectors; we must do this before checking for the diff --git a/rawshark.c b/rawshark.c index aa822ab07f..23fc53bcb7 100644 --- a/rawshark.c +++ b/rawshark.c @@ -509,6 +509,16 @@ main(int argc, char *argv[]) timestamp_set_precision(TS_PREC_AUTO); timestamp_set_seconds_type(TS_SECONDS_DEFAULT); + /* + * XXX - is this necessary, given that we're not reading a + * regular capture file, we're reading rawshark's packet + * stream format? + * + * If it is, note that libwiretap must be initialized before + * libwireshark is, so that dissection-time handlers for + * file-type-dependent blocks can register using the file + * type/subtype value for the file type. + */ wtap_init(FALSE); /* Register all dissectors; we must do this before checking for the diff --git a/sharkd.c b/sharkd.c index 91ca5892e6..7e0aff4f56 100644 --- a/sharkd.c +++ b/sharkd.c @@ -148,6 +148,11 @@ main(int argc, char *argv[]) timestamp_set_precision(TS_PREC_AUTO); timestamp_set_seconds_type(TS_SECONDS_DEFAULT); + /* + * Libwiretap must be initialized before libwireshark is, so that + * dissection-time handlers for file-type-dependent blocks can + * register using the file type/subtype value for the file type. + */ wtap_init(TRUE); /* Register all dissectors; we must do this before checking for the diff --git a/tfshark.c b/tfshark.c index 89961f093f..504251c2fe 100644 --- a/tfshark.c +++ b/tfshark.c 
@@ -479,6 +479,18 @@ main(int argc, char *argv[]) timestamp_set_precision(TS_PREC_AUTO); timestamp_set_seconds_type(TS_SECONDS_DEFAULT); + /* + * Libwiretap must be initialized before libwireshark is, so that + * dissection-time handlers for file-type-dependent blocks can + * register using the file type/subtype value for the file type. + * + * XXX - TFShark shouldn't use libwiretap, as it's a file dissector + * and should read all files as raw bytes and then try to dissect them. + * It needs to handle file types its own way, because we would want + * to support dissecting file-type-specific blocks when dissecting + * capture files, but that mechanism should support plugins for + * other files, too, if *their* formats are extensible. + */ wtap_init(TRUE); /* Register all dissectors; we must do this before checking for the diff --git a/tshark.c b/tshark.c index 15d1563f77..f8c9646a3e 100644 --- a/tshark.c +++ b/tshark.c @@ -949,6 +949,11 @@ main(int argc, char *argv[]) timestamp_set_precision(TS_PREC_AUTO); timestamp_set_seconds_type(TS_SECONDS_DEFAULT); + /* + * Libwiretap must be initialized before libwireshark is, so that + * dissection-time handlers for file-type-dependent blocks can + * register using the file type/subtype value for the file type. + */ wtap_init(TRUE); /* Register all dissectors; we must do this before checking for the diff --git a/ui/qt/main.cpp b/ui/qt/main.cpp index cbf0c10ebb..ddde2cbd4b 100644 --- a/ui/qt/main.cpp +++ b/ui/qt/main.cpp @@ -732,6 +732,11 @@ int main(int argc, char *qt_argv[]) open_failure_alert_box, read_failure_alert_box, write_failure_alert_box); + /* + * Libwiretap must be initialized before libwireshark is, so that + * dissection-time handlers for file-type-dependent blocks can + * register using the file type/subtype value for the file type. + */ wtap_init(TRUE); splash_update(RA_DISSECTORS, NULL, NULL); diff --git a/wiretap/erf.c b/wiretap/erf.c index 0d7245fc3e..6ecf2db74f 100644 --- a/wiretap/erf.c 
+++ b/wiretap/erf.c @@ -177,6 +177,10 @@ static gboolean erf_wtap_blocks_to_erf_sections(wtap_block_t block, GPtrArray *s static guint32 erf_meta_read_tag(struct erf_meta_tag*, guint8*, guint32); +static int erf_file_type_subtype = -1; + +void register_erf(void); + static guint erf_anchor_mapping_hash(gconstpointer key) { const struct erf_anchor_mapping *anchor_map = (const struct erf_anchor_mapping*) key; @@ -542,7 +546,7 @@ extern wtap_open_return_val erf_open(wtap *wth, int *err, gchar **err_info) } /* This is an ERF file */ - wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_ERF; + wth->file_type_subtype = erf_file_type_subtype; wth->snapshot_length = 0; /* not available in header, only in frame */ /* @@ -707,7 +711,7 @@ static gboolean erf_read_header(wtap *wth, FILE_T fh, { guint64 ts = pletoh64(&erf_header->ts); - /*if ((erf_header->type & 0x7f) != ERF_TYPE_META || wth->file_type_subtype != WTAP_FILE_TYPE_SUBTYPE_ERF) {*/ + /*if ((erf_header->type & 0x7f) != ERF_TYPE_META || wth->file_type_subtype != file_type_subtype_erf) {*/ rec->rec_type = REC_TYPE_PACKET; /* * XXX: ERF_TYPE_META records should ideally be FT_SPECIFIC for display @@ -3391,6 +3395,23 @@ static void erf_close(wtap *wth) wth->priv = NULL; } +static const struct file_type_subtype_info erf_info = { + "Endace ERF capture", "erf", "erf", NULL, + FALSE, TRUE, WTAP_COMMENT_PER_SECTION|WTAP_COMMENT_PER_INTERFACE|WTAP_COMMENT_PER_PACKET, + erf_dump_can_write_encap, erf_dump_open, NULL +}; + +void register_erf(void) +{ + erf_file_type_subtype = wtap_register_file_type_subtypes(&erf_info); + + /* + * Register name for backwards compatibility with the + * wtap_filetypes table in Lua. + */ + wtap_register_backwards_compatibility_lua_name("ERF", erf_file_type_subtype); +} + /* * Editor modelines - https://www.wireshark.org/tools/modelines.html * diff --git a/wiretap/file_access.c b/wiretap/file_access.c index 86b92602df..bc5c0bda21 100644 --- a/wiretap/file_access.c +++ b/wiretap/file_access.c 
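Review bot: `wth->file_type_subtype = erf_file_type_subtype;` in erf_open() stores whatever the static currently holds, and that static is -1 until register_erf() assigns it; systemd_journal_open() in wiretap/systemd_journal.c follows the same pattern. The call site of register_erf() is not in this diff, so whether it always runs before any open routine cannot be confirmed from here. If it can be skipped, a file would be accepted as ERF but tagged with -1, and any later code that treats the subtype as a table index would be working with an invalid value. A one-line comment on the declaration such as `/* set by register_erf(); -1 until then, erf_open() must not run earlier */`, or a check of the result of `wtap_register_file_type_subtypes()` inside register_erf(), would pin the assumption down. erf_open() starts and ends outside the hunk.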
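Review bot: The commented-out condition in erf_read_header() was renamed to `file_type_subtype_erf`, but no variable of that name is declared in the visible wiretap/erf.c hunks; the static added by this commit is `erf_file_type_subtype` (the other spelling is the local in packet-erf.c). Anyone re-enabling the check would most likely hit a compile error, so the comment should read `wth->file_type_subtype != erf_file_type_subtype`. Since the line is dead code, deleting it and keeping only the XXX note below it would also be reasonable. erf_read_header() continues outside the hunk.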
@@ -1285,16 +1285,6 @@ static const struct file_type_subtype_info file_type_subtype_table_base[] = { { "ASN.1 Basic Encoding Rules", "ber", NULL, NULL, FALSE, FALSE, 0, NULL, NULL, NULL }, - - /* WTAP_FILE_TYPE_SUBTYPE_ERF */ - { "Endace ERF capture", "erf", "erf", NULL, - FALSE, TRUE, WTAP_COMMENT_PER_SECTION|WTAP_COMMENT_PER_INTERFACE|WTAP_COMMENT_PER_PACKET, - erf_dump_can_write_encap, erf_dump_open, NULL }, - - /* WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL */ - { "systemd journal export", "systemd_journal", NULL, NULL, - FALSE, FALSE, 0, - NULL, NULL, NULL } }; #define N_DUMP_OPEN_TABLE_BASE_ENTRIES (sizeof(file_type_subtype_table_base) / sizeof(struct file_type_subtype_info)) @@ -2841,10 +2831,6 @@ wtap_register_backwards_compatibility_lua_name(const char *name, int ft) WTAP_FILE_TYPE_SUBTYPE_IPTRACE_2_0); wtap_register_backwards_compatibility_lua_name("BER", WTAP_FILE_TYPE_SUBTYPE_BER); - wtap_register_backwards_compatibility_lua_name("ERF", - WTAP_FILE_TYPE_SUBTYPE_ERF); - wtap_register_backwards_compatibility_lua_name("SYSTEMD_JOURNAL", - WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL); } entry.name = name; entry.ft = ft; diff --git a/wiretap/systemd_journal.c b/wiretap/systemd_journal.c index 4414404199..621241e8f8 100644 --- a/wiretap/systemd_journal.c +++ b/wiretap/systemd_journal.c @@ -62,6 +62,10 @@ static gboolean systemd_journal_read_export_entry(FILE_T fh, wtap_rec *rec, #define FLD__REALTIME_TIMESTAMP "__REALTIME_TIMESTAMP=" #define FLD__MONOTONIC_TIMESTAMP "__MONOTONIC_TIMESTAMP=" +static int systemd_journal_file_type_subtype = -1; + +void register_systemd_journal(void); + wtap_open_return_val systemd_journal_open(wtap *wth, int *err _U_, gchar **err_info _U_) { gchar *entry_buff = (gchar*) g_malloc(MAX_EXPORT_ENTRY_LENGTH); 
@@ -97,7 +101,7 @@ wtap_open_return_val systemd_journal_open(wtap *wth, int *err _U_, gchar **err_i return WTAP_OPEN_NOT_MINE; } - wth->file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL; + wth->file_type_subtype = systemd_journal_file_type_subtype; wth->subtype_read = systemd_journal_read; wth->subtype_seek_read = systemd_journal_seek_read; wth->file_encap = WTAP_ENCAP_SYSTEMD_JOURNAL; @@ -232,6 +236,24 @@ systemd_journal_read_export_entry(FILE_T fh, wtap_rec *rec, Buffer *buf, int *er return TRUE; } +static const struct file_type_subtype_info systemd_journal_info = { + "systemd journal export", "systemd_journal", NULL, NULL, + FALSE, FALSE, 0, + NULL, NULL, NULL +}; + +void register_systemd_journal(void) +{ + systemd_journal_file_type_subtype = wtap_register_file_type_subtypes(&systemd_journal_info); + + /* + * Register name for backwards compatibility with the + * wtap_filetypes table in Lua. + */ + wtap_register_backwards_compatibility_lua_name("SYSTEMD_JOURNAL", + systemd_journal_file_type_subtype); +} + /* * Editor modelines - https://www.wireshark.org/tools/modelines.html * diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 2a0ecfb4f8..40006d829f 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -312,8 +312,6 @@ extern "C" { #define WTAP_FILE_TYPE_SUBTYPE_IPTRACE_1_0 9 #define WTAP_FILE_TYPE_SUBTYPE_IPTRACE_2_0 10 #define WTAP_FILE_TYPE_SUBTYPE_BER 11 -#define WTAP_FILE_TYPE_SUBTYPE_ERF 12 -#define WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL 13 /* timestamp precision (currently only these values are supported) */ #define WTAP_TSPREC_UNKNOWN -2 -- cgit v1.2.3