This can prevent bizarre failures if, for example, you've done a
configuration in the top-level source directory, leaving behind one
config.h file, and then do an out-of-tree build in another directory,
with different configuration options. This way, we always pick up the
same config.h, in the build directory.
Use EXTRACT_U_1() as required by those changes. Remove
no-longer-necessary & operators from other EXTRACT_ calls.
While we're at it, add MAC_ADDR_LEN to netdissect.h, and use it instead
of ETHER_ADDR_LEN; eliminate ETHER_ADDR_LEN.
Move the maximum Ethernet length field value to ethertype.h, under the
name MAX_ETHERNET_LENGTH_VAL.
Move the Ethernet header structure, and the #define for the Ethernet
header length, to print-ether.c; in non-Ethernet dissectors that were
using the Ethernet header structure, just declare two nd_mac_addr
variables for the source and destination MAC addresses and use them
instead of the Ethernet header (we don't need the type field there).
These changes leave nothing in ether.h, so eliminate it.
If a protocol that runs under a link-layer protocol would print the
link-layer addresses for the packet as source and destination addresses
for the packet, don't have it blithely assume those link-layer addresses
are present or are at a particular offset from the beginning of that
protocol's data; Ethertypes, for example, are used by a number of
protocols, not all of which have Ethernet headers and not all of which
have any MAC headers.
Instead, pass the printers for those protocols structures with a pointer
to the address data and a pointer to a routine that prints the address.
Fixes some heap overflows found with American Fuzzy Lop by Hanno Böck.
with the tag '\summary:' for greping.
Remark: Currently some printers have no summary line.
Moreover:
Summarize all printers with a single line in INSTALL.txt
Print them the same way other headers are printed ("src > dst, length l").
For FDDI, always print the frame control field symbolically
For Token Ring, print the AC and FC fields unless the -q flag was given,
just as we do for the FC field for FDDI.
Have llc_print() return the length of the LLC header, plus the length of
the SNAP header, if available - or, if it couldn't dissect the payload,
return the *negative* of that sum. Use that return value in link-layer
printers.
Don't print LLC header information for SNAP packets; if we have a SNAP
header, just call snap_print() and return its return value, regardless
of whether it's 1 or 0, don't fall into the code to print raw LLC header
information - and don't print it with -e, either.
If llc_print() returns 0, just call the default packet printer, don't
print the MAC-layer header or the extracted ethertype - llc_print() will
print the source and destination MAC addresses and whatever type
information is in the LLC or SNAP headers.
If we don't know the DSAP/LSAP, and it's an information frame (numbered
or not) and not an XID frame, return 0, so that we give a hex dump of
the raw payload.
In addition, print the length when printing SNAP header information with
-e.
The purpose of this macro was to enable the file-by-file switch to NDO,
after which only tcpdump.c had a use of it and the definitions guarded
by it. Update tcpdump.c not to require them any more and dismiss the
unused definitions.
Have them take a netdissect_options * argument, and get the "no name
resolution" flag from it.
Move the declaration of dnaddr_string to addrtoname.h, along with the
other XXX-to-string routines.
Both interface.h and netdissect.h include <pcap.h>, thus most files
should not include it regardless if these need it or not. The only
exceptions so far remain:
* addrtoname.c
* missing/datalinks.c
* missing/dlnames.c
* tcpdump.c
Remove lots of $Header's and a few $Id's that all belong to the former
CVS repository of tcpdump itself. These keywords have been frozen since
the migration to git in late 2008.
For headers included in only one source file, put the header contents in
the source file in question, and get rid of a bunch of stuff from the
header not used in the source file.
having its callers do so - some of its callers *weren't* doing so,
leaving random junk in that argument in some cases.
When checking for "802.3-encapsulated" IPX, check the raw values of the
SSAP and DSAP for 0xFF, don't check them after the low-order bit has
been masked off.
The "flag" values in the LLC header aren't bits, they're combinations of
bits, including the combination "no bits"; don't use "bittok2str()" on
them. Also, combine the proper bits, namely the C/R bit (which we
weren't combining) and the P/F bit (which we were).
link-layer print routines if no other print routine claimed the packet.
Test whether that flag is set rather than testing whether neither of -x
or -q were specified, and have -x, -q, *and* -X set that flag, so that
-X suppresses it just as -x does. That way you don't get those pckets
dumped twice if -X was specified.
appropriately, and that GNUmakefile and the MSVC++ project file define
it apppriately, as we do with libpcap, rather than defining it in
"interface.h".
Undo the rcsid-shuffling and addition of extra #includes, as we no
longer need to arrange that "interface.h" be included before using _U_
in an RCS ID or copyright.
use "_U_" in the definitions of "rcsid[]", to eliminate
complaints about those variables being unused;
move the definitions after the include of "interface.h", or add
an include of "interface.h", so that "_U_" is defined.
Include "config.h" before including "tcpdump-stdinc.h" in
"missing/datalinks.c".
tcpdump.c. Have if_print routines return the length of the link-layer
header, so that the common code knows how to skip the link-layer header
when printing the packet in hex/ASCII.
beginning of the raw packet data, the captured length of the raw packet
data, and the length of the link-layer header, and:
if "-e" was specified, prints all the raw packet data;
if "-e" was not specified, prints all the raw packet data past
the link-layer header, if there is any.
Use that routine in all the "xxx_if_print()" routines if "-x" was
specified.
Make "arcnet_encap_print()" static - it's not used outside
"print-arcnet.c".
Add missing info printing code to "atm_if_print()".
Print the packet data in "lane_if_print()", not in "lane_print()", as
"lane_print()" can be called from other "xxx_if_print()" routines, and
those routines will also print the packet data if "-x" was specified -
no need to print it twice.
dissector really needs source and destination MAC addresses, we should
make global pointers to them - which would be null for packets lacking
MAC addresses, so dissectors that need them will need to do something
sensible if those pointers are null.)
Don't fake up an Ethernet header if there aren't any MAC addresses to
use when faking it up.
"bp_chaddr" in "print-bootp.c" is an array, so "bp->bp_chaddr" cannot be
null, and there's no need to test for it not being null.
unused-parameter problems reported by GCC. Add an _U_ tag to label
parameters as unused if the function is called through a pointer (so
that you can't change its signature by removing parameters) or if there
are unused parameters only because the function isn't complete.
Add some additional bounds checks the necessity for which was revealed
while cleaning up unused-parameter problems.
Make some routines static.
"lcp_print()", defined in "print-lcp.c", isn't called anywhere -
"print-ppp.c" has the code to dissect LCP. Get rid of "print-lcp.c".
it in the routines, called by the top-level routines, to dissect
Ethernet, FDDI, or Token Ring packets, as those routines might also be
called for bridged frames over ATM, and the interface print routine for
ATM will also do "-x" printing.
them in "print-sll.c" - as a cooked-mode capture may be reading from
non-Ethernet, non-802.x devices, it may well see some
ETH_P_/LINUX_SLL_P_ types that don't mean "this is an 802.2 LLC frame".
We currently assume that the ETH_P_ values won't change in the kernel,
so we don't have to explicitly map them.
In various link-layer packet printers, if we don't handle the next layer
up of packet type, and are printing the link-layer header, use the
correct pointer to that header (i.e., if we've stepped "p" past the
link-layer header, don't use "p", use a pointer to the beginning of the
packet), and use the correct length (i.e., if we've subtracted the
length of the link-layer header, add it back in, so that we always print
the full packet length).
dissectors that expected calls to "llc_print()" to set it. (Thanks and
a tip of the hat to Olaf Kirch <okir@caldera.de> for noticing this.)
Make "ether_encap_print()" and "llc_print()" take a pointer to an
extracted-Ethertype variable as an argument, have "llc_print()" pass it
to "ether_encap_print()", and have "ether_encap_print()" set what it
points to rather than setting a static "extracted_ethertype" variable.
Get rid of said static "extracted_ethertype" variable in favor of one
local to "ether_if_print()", just as other link-layer dissectors have
local "extracted_ethertype" variables.
4 bytes, even though no member in the structure requires such an
alignment; don't use "sizeof (struct ether_header)" or "sizeof (struct
fddi_header)", explicitly #define the header length and use that
#defined value.
"struct mbuf" and "struct rtentry" - they shouldn't be necessary (and
weren't on the platforms on which I tested, both with GCC and the native
compiler if it isn't GCC).
have dissectors include them rather than <netinet/ip.h> or
<netinet/ip_var.h>, if they actually need that stuff.
Put the declarations of the ICMP stuff directly into "print-icmp.c".
Remove all unnecessary includes of <netinet/ip*.h> files.
Copy the byte-order stuff from "nameser.h" into "tcp.h".
