The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
"Text protocols" are protocols that have the general feel of FTP, with
command lines with a command name and space-separated arguments and
response lines beginning with a 3-digit reply code. They can also
include HTTP-style headers and an entity body.
We add support for the FTP control channel, HTTP, SMTP, and RTSP. We
also change the SIP printer to use it.
Check for pcap_set_tstamp_precision() in the configure script and, if
it's not there, don't include the code that allows time stamp precisions
to be set.
Simplify separator string handling in bittok2str_internal(): use empty
value for the first snprintf() call and set new value after each use.
This makes the terminating null char management unnecessary, especially
that it missed the case where there was no separator and no match (it
would return the previous content of the static buffer unchanged).
This change may affect the output of tcpdump in that before it could
print either "[]" or "[none]" or a string like "[S.]" for TCP flags
value 0. Now it prints "[none]" as that is exactly the value passed to
bittok2str_nosep() in tcp_print().
A while ago we introduced new API in libpcap which made possible to
request time stamps with higher precision (nanoseconds). This commit
aims to move things forward and implement missing bits. It introduces
new long option --time-stamp-precision. Note that there is no equivalent
short option.
When used for a live capture tcpdump will ask the kernel for time stamp
with desired precision and tcpdump will print fraction part of the time
stamp using respective format. We currently support only microsecond and
nanosecond precision. In the future we might support even more granular
time stamp precision, but we should be fine to support only
microseconds and nanoseconds for now. libpcap doesn't provide anything
else at the moment anyway.
When used in combination with -r/-w options then we obtain time stamps
appropriately scaled up or down from libpcap. Also note that distinct
magic number is used for savefiles containing nanosecond time stamps.
We need <errno.h> on UN*X in some files that include tcpdump-stdinc.h,
such as missing/inet_pton.c.
Remove includes of <errno.h> from files that include tcpdump-stdinc.h.
And, as we require at least autoconf 2.61, and as autoconf 2.61 and
later have AC_TYPE_UINTn_T and AC_TYPE_INTn_T macros, we use them to
define the uintN_t and intN_t macros if the system doesn't define them
for us.
This lets us get rid of bitypes.h as well.
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
This resolves a few Solaris-specific warnings emitted by
/opt/solarisstudio12.3/bin/cc like below:
warning: initializer does not fit or is out of range: 0xffffffff
(also happened for 0x80000000)
We do *not* want the behavior of isprint() and isgraph() to be
locale-dependent - we want both of them to return "true" only for ASCII
characters.
We have to do our own isascii() and toascii() on non-UN*X systems
anyway, so let's just do all of them ourselves.
It appears that some C compilers will inline safememcpy() *and* will, as
a result, optimize to assume alignment it if it's passed a
putatively-aligned pointer. As the pointers in question are not
guaranteed to be aligned, that can cause crashes on, for example, SPARC.
Also, rename the function to unaligned_memcpy(), to clarify what's
"safe" about it, and change some direct memcpy() calls to use it as
well.
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
- seperate fields by comma
- use [] for flags and options sets
- print a trailing length field
make use of tok2str() and bitttok2str()
move port definitions into tcp.h
with a maximum length, where a string shorter than that length is padded
with NULs), as "fn_print()" won't handle the maximum length *and* the
snapshot length and "fn_printn()" won't stop on a null string. Use it
where appropriate.
Always pass "snapend" to "fn_print()" and "fn_printn()" if they're
passed a pointer into the packet data; only pass NULL if they're being
handed a pointer into a buffer that's not part of the packet data.
Always check the return value of "fn_print()", "fn_printn()", and
"fn_printzp()" if they're passed "snapend", and do the appropriate
string termination and "packet truncated" indication if they return 1.
-harden tok2str() and bittok2str() to catch NULL refs
-don't attempt to print a frame-relay IE if there is not enough bytes on the wire
to print at least a full TLV
tflag values correspond to what output formats (e.g., 4 means "-tttt").
Switch on the tflag value to determine whether to call "gmt2local()" to
set "thiszone", just as we switch on it to determine the format for time
stamps, to make it more obvious in what cases we call it.
