First, find out where, if anywhere, ether_ntohost() is declared, *then*
test whether it's buggy - using code taken from addrtoname.c to figure
out what to include and, if there's nothing that works, how to work
around it.
(This means that a bunch of platforms will start using ether_ntohost().)
Grab the stuff from libpcap's configure script that looks for libssl
(and libcrypto) and adapt it to look for libcrypto.
This includes some macros to check using pkg-config (and other macros,
such as macros to save and restore CFLAGS, LIBS, and LDFLAGS; any
resemblance between their names and the cmake_push_check_state() and
cmake_pop_check_state() commands is *entirely* coincidental :-)).
Instead of checking for DES_cbc_encrypt(), which we don't use, to
determine whether the libcrypto we found is usable, check for
EVP_CIPHER_CTX_block_size(), which we *do* use. (We also check whether
the openssl/evp.h header exists; if it doesn't, we might have found the
libcrypto that Apple bundles with macOS, for which they do *NOT* provide
the header in newer versions of Xcode.) See also #1174.
This means that we don't need to check whether we have openssl/evp.h at
compile time - now, if we don't, we don't even set HAVE_LIBCRYPTO, so
there's no need to check HAVE_OPENSSL_EVP_H.
There appears to be no way to build tcpdump on macOS Ventura with Xcode
15 with the system libpcap and have the resulting program run without
getting an error due to failing to find pcap_open() or
pcap_findalldevs_ex() at startup.
In particular, there appears to be no way to use __builtin_available()
to protect accesses to the routines that showed up in Sonoma, so that
the run-time linker doesn't fail if the routine in question isn't
present. Perhaps it requires more compiler command-line arguments.
So, instead, only check for pcap_open() and pcap_findalldevs_ex() if 1)
this isn't macOS or 2) we're not building with the system libpcap.
Those might point to a directory with headers and libraries for an
installed version of libpcap; if we've already decided to use a local
version in the source tree next to us, don't put -I and -L flags from
--with-crypto in front of them, put those flags *after* what's already
in V_INCLS and LIBS.
This lets us remove a bunch of configure-time and compile-time tests.
Update documentation to reflect this.
WinPcap 4.1.3 is based on libpcap 1.0, but doesn't export all of the new
APIs, so it won't work with code that uses any of the other APIs, which
tcpdump does, so don't test with WinPcap.
Same result in config.h as with CMake.
Before:
#define NETINET_ETHER_H_DECLARES_ETHER_NTOHOST /**/
After:
#define NETINET_ETHER_H_DECLARES_ETHER_NTOHOST 1
[skip ci]
print-sll.c uses HAVE_NET_IF_H, which does not always work right: the
header is in POSIX.1-2001, but the result of if_indextoname() is
irrelevant if the current OS is not Linux, in which case the packet was
captured on a different host because libpcap produces DLT_LINUX_SLL2 on
Linux only. The result can be irrelevant on Linux too, but this does
not have an easy solution.
To reduce the problem space, switch print-sll.c to check for __linux__
instead. In tcpdump.c print the warning about interface names only if
sll2_if_print() would print interface names. Since HAVE_NET_IF_H has no
purpose now, remove the checks for <net/if.h>.
At the time of commit 09b639a in 2015 C99 was not a requirement yet, so
the use of AC_TYPE_UINTPTR_T was necessary. However, CMake since its
introduction in 2018 has not been checking for uintptr_t, which proves
that by now all supported platforms have the type and the Autoconf check
is obsolete.
Do not check that the function is just available: first, it is in C99,
so the check almost certainly is a waste of time; second, the source
requires the function unconditionally; third, the subsequent "snprintf()
is suitable" check implies the "snprintf() is available" part anyway.
As most setlinebuf(3) man pages mention, setlinebuf() is a shorthand for
setvbuf(). The latter is in C99, but the former is not, so it is most
logical to use setvbuf() in all cases and to lose another build-time
check.
With this change we know:
whether this is a 32-bit or 64-bit build;
whether the time_t size is 32-bit or 64-bit.
At least with CMake, the SIZEOF values could be 0, if somebody's
doing a fat build on macOS and that includes both 32-bit and 64-bit
instruction sets.
As Francois-Xavier points out, my commit 3aa6574 fixed one bug, but
introduced another: running "./configure --with-gcc" also erroneously
takes the --with-user code path because withval is set to "yes" after
the --with-gcc block:
./configure --with-gcc
[...]
checking whether to drop root privileges by default... configure: error: --with-user requires a username
The matter is, in Autoconf AC_ARG_WITH() without action-if-not-given
assigns withval only if with_xxxx is set to any value (including an
empty string), so make sure withval is always set in AC_ARG_WITH() and
spell all possible withval values in AS_CASE(), this way regardless of
any other options the behaviour is correct.
Rejected:
--with-user
--with-user=
--with-user=yes
--with-chroot
--with-chroot=
--with-chroot=yes
Accepted:
--without-user
--with-user=no
--with-user=someuser
--without-chroot
--with-chroot=no
--with-chroot=/somedir
tcpdump.c requires both HAVE_PCAP_IF_T and HAVE_PCAP_FINDALLDEVS to
manage the code that depends on pcap_findalldevs(). Other than that,
the Autoconf and CMake checks that produce these two macros do not
relate directly, so having the check for pcap_if_t conditional on the
check for pcap_findalldevs() is an unnecessary complication.
More importantly, in the CMake case this places the check_type_size()
for pcap_if_t into a context with CMAKE_REQUIRED_LIBRARIES already set
to PCAP_LIBRARIES. This works only if check_type_size() does not have
to check for <sys/types.h>, <stdint.h> or <stddef.h> implicitly. This
was the case so long as another check_type_size() before the
CMAKE_REQUIRED_LIBRARIES change made the implicit checks and cached the
results, but removing that earlier instance resulted in a warning:
Policy CMP0075 is not set: Include file check macros honor
CMAKE_REQUIRED_LIBRARIES. Run "cmake --help-policy CMP0075" for policy
details. Use the cmake_policy command to set the policy and suppress this
warning.
CMAKE_REQUIRED_LIBRARIES is set to:
/usr/lib/x86_64-linux-gnu/libpcap.so
For compatibility with CMake 3.11 and below this check is ignoring it.
To fix that, in both Autoconf and CMake make the two checks separate and
unconditional and place the check for pcap_if_t where it fits better.
In CMake remove the earlier workaround with in6_addr.
tcpdump source code has not been using struct in6_addr since commit
0c9cfdc in 2019, so lose the conditional structure declaration, which is
a no-op.
Since commit de7c619 in 2015 netdissect-stdinc.h on Windows defines
HAVE_OS_IPV6_SUPPORT if AF_INET6 is defined, which makes it equivalent
to AF_INET6. On Unix-like systems taking struct in6_addr out of scope
would make HAVE_OS_IPV6_SUPPORT equivalent to AF_INET6, thus after
removing struct in6_addr remove HAVE_OS_IPV6_SUPPORT together with
Autoconf and CMake checks that define it. Leave an unrelated CMake
workaround in place for later debugging.
On Windows do not define AF_INET6 if it is not defined, which makes
AF_INET6 a universal indicator of the OS IPv6 support on all supported
OSes. The few remaining use cases that genuinely need AF_INET6 use it
to make OS API calls, so if the macro is not defined, it most likely
means such an API call in the best case would return just a well-formed
error status. With this in mind, in win32_gethostbyaddr() and
ip6addr_string() guard all IPv6-specific code with #ifdef AF_INET6. In
tcpdump.c add a comment to note why a guard is not required for
Casper-specific conditional code that uses AF_INET6.
This way when the OS does not support IPv6, IPv6 addresses will not
resolve to names, which is expected. Other than that, tcpdump should be
able to process IPv6 addresses the usual way regardless if the OS would
be able to process the packets with these addresses.
The KAME/INRIA/etc. block has been around since commit c9d84d1 in 1999,
when it was common for IPv6 stacks to exist and develop separately from
operating systems. During the next 10 or so years IPv6 support in
various operating systems became the norm and the stack detector became
obsolete. Remove it and continue to use libc IPv6 implementation.
libpcap has been using strdup() for a long time too, but never
substituted it under the assumption the function is available in all
supported OSes, see libpcap commit cb71eef from 2006. The only
exception to that is Windows, which can have a different name for the
function, but both libpcap and tcpdump for that already use a separate
workaround, which does not involve the substitution.
Let's take this as a proof that strdup() substitution in tcpdump is dead
code, and remove it.
The check for vsnprintf() has been in the configure script since commit
8cb054c in 2000, and the only actual use of the function was in the
"#ifndef HAVE_SNPRINTF" block in missing/snprintf.c until commit 1ed63b5
in 2019. Since then tcpdump does not require vsnprintf() in any way.
My earlier commit fbd4415 did a wrong thing because it caused a failure
to fail in "make check" on Solaris 9, whereas the right thing to do when
printf() does not work as expected would be to fail the build with a
useful error message. Implement that by testing snprintf() in Autoconf
and CMake (assume that in a given libc implementation all functions in
the printf() family have the same level of support for conversion
specifications). Return 18 tests from the conditional space back into
TESTLIST.
Add it before doing anything about the C compiler, so that all tests
done with the compiler are done with -fPIC, in case any of those tests
involve producing an executable image.
That forces *all* uses of the C compiler, whether it's being used in
configure-script tests or used to compile tcpdump, to have -fPIC, which
is necessary on Haiku in order for linking to work. Otherwise,
configure script tests that involve linking will fail.
Output of the IPv6 part of ./configure used to look OK on Linux:
checking whether the operating system supports IPv6... yes
checking ipv6 stack type... linux-glibc
But it was not OK on most other systems, for example, on FreeBSD:
checking whether the operating system supports IPv6... yes
checking ipv6 stack type... checking how to run the C preprocessor... cc -E
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
kame
You do not have inet6 library, using libc
Get the sequence of these messages right. Now on Linux this is:
checking whether the operating system supports IPv6... yes
checking how to run the C preprocessor... gcc -E
checking for egrep... (cached) /usr/bin/grep -E
checking ipv6 stack type... linux-glibc
And on FreeBSD it is:
checking whether the operating system supports IPv6... yes
checking how to run the C preprocessor... cc -E
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking ipv6 stack type... kame
You do not have inet6 library, using libc
Refine two blocks in configure.ac such that each option correctly
handles both of the Autoconf-supplied values ("yes" and "no") and, when
the option is properly enabled, the message is easier to understand.
See also commit 9aca99a. While at it, use $withval more to unify the
code and squelch the following warnings from Autoconf 2.71:
configure.ac:188: warning: back quotes and double quotes must not be
escaped in: $as_me:${as_lineno-$LINENO}: result: to \"$withval\"
configure.ac:188: warning: back quotes and double quotes must not be
escaped in: to \"$withval\"
configure.ac:198: warning: back quotes and double quotes must not be
escaped in: $as_me:${as_lineno-$LINENO}: result: to \"$withval\"
configure.ac:198: warning: back quotes and double quotes must not be
escaped in: to \"$withval\"
User experience before:
./configure
checking whether to drop root privileges by default... no
checking whether to chroot... no
./configure --with-user=someuser --with-chroot=/some/dir/
checking whether to drop root privileges by default... to "someuser"
checking whether to chroot... to "/some/dir/"
./configure --without-user --without-chroot
checking whether to drop root privileges by default... to "no"
checking whether to chroot... no
./configure --with-user
checking whether to drop root privileges by default... to "yes"
./configure --with-chroot
checking whether to chroot... to "yes"
User experience after:
./configure
checking whether to drop root privileges by default... no
checking whether to chroot... no
./configure --with-user=someuser --with-chroot=/some/dir/
checking whether to drop root privileges by default... yes, to user "someuser"
checking whether to chroot... yes, to directory "/some/dir/"
./configure --without-user --without-chroot
checking whether to drop root privileges by default... no
checking whether to chroot... no
./configure --with-user
configure: error: --with-user requires a username
./configure --with-chroot
configure: error: --with-chroot requires a directory
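
The --with-user/--with-chroot handling described above, together with the stale-withval problem from the --with-gcc note earlier on this page, modeled in plain shell. This is an added example, not code from tcpdump's configure.ac; the function names check_leaky, check_fixed and verdict and the message wording are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed model of the option handling described above; the function
# names are hypothetical and this is not tcpdump's configure.ac.

# Leaky shape: withval is assigned only when the option is given, so a
# value left behind by an earlier option block (e.g. --with-gcc) is reused.
# Usage: check_leaky NAME [VALUE]; omit VALUE to model "option not given".
check_leaky() {
    if [ "$#" -ge 2 ]; then withval=$2; fi
    verdict "$1"
}

# Fixed shape: withval is always assigned, with "no" standing for
# "option not given" (the same value --without-NAME produces).
check_fixed() {
    if [ "$#" -ge 2 ]; then withval=$2; else withval=no; fi
    verdict "$1"
}

# Spell out every possible withval:
#   no      -> feature disabled (--without-NAME or --with-NAME=no)
#   "", yes -> option given without a usable value (--with-NAME= or --with-NAME)
#   other   -> the username or directory to use
verdict() {
    case $withval in
        no)     echo "no" ;;
        ''|yes) echo "error: --with-$1 requires a value" ;;
        *)      echo "yes, to \"$withval\"" ;;
    esac
}

# Simulate "./configure --with-gcc": the earlier block leaves withval=yes.
withval=yes
check_leaky user                 # rejected although --with-user was never given
withval=yes
check_fixed user                 # no
check_fixed user someuser        # yes, to "someuser"
check_fixed chroot ''            # rejected: --with-chroot=
check_fixed chroot /somedir      # yes, to "/somedir"
```
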
In 2002 this macro implemented a workaround for HP C compiler because
the latter did not work with the implementation of AC_C_INLINE in
Autoconf 2.13 (see commit b1263c6). Since then the required kind of
inline very likely became available in every supported compiler of every
supported OS, but just in case there is still an exception, use
AC_C_INLINE from Autoconf 2.69 (or later) and trust it to work right.
In other words, if the original problem still exists, this will have to
be proven.
This squelches one more warning from Autoconf 2.71:
configure.ac:32: warning: The macro `AC_TRY_COMPILE' is obsolete.
It's specified by the C90 standard (and, as I remember, by the C89
standard, although I no longer have my paper copy); no need to worry
about ancient environments that lack it, and we have some cases where we
call it in code not protected by #ifdef HAVE_STRFTIME/#endif and haven't
seen any reports of problems.
Clang 15 makes implicit function declarations fatal by default which
leads to some of tcpdump's configure tests silently failing/returning
the wrong result.
This adds the needed #includes to various tests for the functions used,
resolving the following errors:
```
net-analyzer/tcpdump-4.99.1/clang15.log:47:error: type specifier missing, defaults to 'int'; ISO C99 and later do not support implicit int [-Wimplicit-int]
net-analyzer/tcpdump-4.99.1/clang15.log:51:error: call to undeclared library function 'strcmp' with type 'int (const char *, const char *)'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
net-analyzer/tcpdump-4.99.1/clang15.log:55:error: call to undeclared library function 'sscanf' with type 'int (const char *restrict, const char *restrict, ...)'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
net-analyzer/tcpdump-4.99.1/clang15.log:68:error: call to undeclared library function 'memset' with type 'void *(void *, int, unsigned long)'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
net-analyzer/tcpdump-4.99.1/clang15.log:112:error: call to undeclared function 'ether_ntohost'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
net-analyzer/tcpdump-4.99.1/clang15.log:115:error: call to undeclared library function 'exit' with type 'void (int) __attribute__((noreturn))'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
```
Signed-off-by: Sam James <sam@gentoo.org>
Don't pad the pflog header with BPF_WORDALIGN(); round up to a multiple
of 4, instead, as that's what all but FreeBSD do, and FreeBSD used to do
that and should go back to doing so (kern/261566).
Don't rely on the OS's pflog include files to define direction types,
reason types, action types, or the layout of the header; instead, define
them ourselves in a header of our own, with #ifs to select the ones that
are only on some platforms. That way, it'll handle some fields and
field values (the ones common to all OSes with pflog) on all OSes, even
ones without pflog.
That also expands the set of direction, reason, and action codes to what
various *BSDs and Darwin support.
Also, handle all the different AF_INET6 values in various *BSDs and
Darwin.
If entering in a function, print also the calling function name with
file name and line number. There may be a small shift in the line number.
In some cases, with Clang 11, the file number is unknown (printed '??')
or the line number is unknown (printed '?'). In this case, use GCC.
To print nothing, like with no instrumentation:
$ make instrument_off
As before, the following commands are available:
To configure the printing of only the global functions names:
$ make instrument_global
To go back to print all the functions names:
$ make instrument_all
The library libbfd is used, therefore the binutils-dev package is required.
It prints now, by default, also the static functions names.
To configure the printing of only the global functions names, as before:
$ make instrument_global
To go back to print all the functions names:
$ make instrument_all
In case of truncation, the indentation level is reset to its previous
level in pretty_print_packet().
[skip ci]
This should help some debugging processes.
Usage:
./configure --enable-instrument-functions
Generate instrumentation calls for entry and exit to functions.
Just after function entry and just before function exit, these
profiling functions are called and print the function names with
indentation and call level.
To instrument a static function, remove temporarily the static specifier.
In case of truncation, the indentation level is reset currently to 1 in
pretty_print_packet(), main is level 0.
While cross-compiling, ./configure --host=xxx will output:
"checking whether printf(3) supports the z length modifier...
configure: error: in `/${path_to_tcpdump}/tcpdump':"
That is caused by AC_RUN_IFELSE, as described in
"https://www.gnu.org/software/autoconf/manual/autoconf-2.63/html_node/Runtime.html":
if AC_RUN_IFELSE does not have a cross-compile option, configure prints an error message and exits.
Signed-off-by: Mingrui Ren <jiladahe1997@gmail.com>
Even after commit 6393bb6 --with-sandbox-capsicum didn't work entirely
as documented, as it defaulted to disabled:
checking whether to sandbox using capsicum... no
checking whether to sandbox using Casper library... no
Get the test condition right so it does what it says:
checking sys/capsicum.h usability... yes
checking sys/capsicum.h presence... yes
checking for sys/capsicum.h... yes
checking for cap_enter... yes
checking for cap_rights_limit... yes
checking for cap_ioctls_limit... yes
checking for openat... yes
checking for cap_init in -lcasper... yes
checking for cap_gethostbyaddr in -lcap_dns... yes
checking whether to sandbox using capsicum... yes
checking whether to sandbox using Casper library... yes
Sun C 5.9 does not support C99. GCC 4.6.4 recognizes -std=gnu99, but
does not support the z length modifier in printf(3). In either case 18
tests fail in the following manner:
< [...]: domain [length 0 < 12] (invalid)
---
> [...]: domain [length 0 < zu] (invalid)
Make these tests conditional and disable them when HAVE_NO_PRINTF_Z is
defined. Modify the Autoconf leg of the build process to define the
macro when printf() does not handle %zu as expected. The CMake leg looks
broken on Solaris 9 with 2.8.9 now, so leave it be for now.