isn't always very suggestive - for example, somebody might think
"EN10MB" is always 10 MB/s, and might not know that "IEEE802" is Token
Ring), using "pcap_datalink_val_to_description()". Supply our own
"pcap_datalink_val_to_description()" if libpcap doesn't have it (even if
it has "pcap_datalink_name_to_val()").
safer way to terminate "pcap_loop()" in a signal handler (it just sets a
flag, it doesn't muck with data structures that might have been in the
middle of being updated).
Have "setsignal()" not request SA_RESTART, so that if we call
"pcap_breakloop()" in a signal handler and then return, we don't restart
a call that was waiting for captured packets, we just make that call
EINTR out.
inet_ntop/inet_pton/inet_aton, and don't use AC_REPLACE_FUNCS to set
LIBOBJS to include the replacement module, as that does the full check
for the routine again, not just the simple replacement.
Move the tests in question after AC_LBL_LIBPCAP, so that we link with
the appropriate libraries (e.g., "-lsocket -lnsl" on Solaris) to use
when using those routines.
the output stream for "-w" to be flushed after each packet is dumped.
Add checks for "pcap_dump_flush()", and only enable the "-U" flag if
it's present. Clean up the handling of the "getopt()" argument and the
usage message to get rid of the pile of #ifdefs.
Add documentation for the "-L" and "-y" flags.
Tweak the description of "-r" to properly format "-w" in the text.
Young <dyoung@ojctech.com>, with some minor changes by Jason R. Thorpe
<thorpej@netbsd.org>, and further changes by me to:
use "-y" rather than "-D" to set the link type ("-D" was already
taken);
use libpcap APIs to map between data link type names and values;
supply stub versions of missing-but-needed libpcap APIs.
Update Jason Thorpe's e-mail address (Zembu is going away, if it hasn't
done so already).
the libpcap that comes with some platforms doesn't define it.
Check for "pcap_debug" and "yydebug" in libpcap in the configure
scripts, so that whichever one is present (which might depend on whether
libpcap was built with standard YACC or Berkeley YACC/Bison), if any is
present, will be used by the "-Y" flag (if none is present, "-Y" won't
be supported).
From Neil T. Spring: fixes for many of those warnings:
addrtoname.c, configure.in: Linux needs netinet/ether.h for
ether_ntohost
print-*.c: change char *foo = "bar" to const char *foo = "bar"
to appease -Wwrite-strings; should affect no run-time behavior.
print-*.c: make some variables unsigned.
print-bgp.c: plen ('prefix len') is unsigned, no reason to
validate by comparing to zero.
print-cnfp.c, print-rx.c: use intoa, provided by addrtoname,
instead of inet_ntoa.
print-domain.c: unsigned int l; (l=foo()) < 0 is guaranteed to
be false, so check for (u_int)-1, which represents failure,
explicitly.
print-isakmp.c: complete initialization of attrmap objects.
print-lwres.c: "if(x); print foo;" seemed much more likely to be
intended to be "if(x) { print foo; }".
print-smb.c: complete initialization of some structures.
In addition, add some fixes for the signed vs. unsigned comparison
warnings:
extract.h: cast the result of the byte-extraction-and-combining,
as, at least for the 16-bit version, C's integral promotions
will turn "u_int16_t" into "int" if there are other "int"s
nearby.
print-*.c: make some more variables unsigned, or add casts to an
unsigned type of signed values known not to be negative, or add
casts to "int" of unsigned values known to fit in an "int", and
make other changes needed to handle the aforementioned variables
now being unsigned.
print-isakmp.c: clean up the handling of error/status indicators
in notify messages.
print-ppp.c: get rid of a check that an unsigned quantity is >=
0.
print-radius.c: clean up some of the bounds checking.
print-smb.c: extract the word count into a "u_int" to avoid the
aforementioned problems with C's integral promotions.
print-snmp.c: change a check that an unsigned variable is >= 0
to a check that it's != 0.
Also, fix some formats to use "%u" rather than "%d" for unsigned
quantities.
return a structure pointer. Check whether the C compiler can handle
inline functions that return a structure pointer, not whether they can
handle inline functions that return an int, as at least some versions of
autoconf's AC_C_INLINE do.
Here is a patch that addresses a few SSL-related issues noticed:
1. The "/usr" directory is not the best choice to start looking
for SSL libraries when cross-compiling. The patch adds
"/usr/${host_alias}" at the front. Actually the test is quite
bogus anyway -- there might be no libcrypto.a library at all
(but e.g. libcrypto.so), so a better approach would be trying to
link against -lcrypto and seeing if that works. First with no
additional options (it might be in the default compiler/linker's
search patch, like on sane systems), then with the -L<dir>
option.
2. The "cast.h" and "rc5.h" headers should include the
"openssl/" path as that is what is used throughout the code.
Right now they are simply not found by configure.
3. The buggy CAST128 test should use a cache variable to permit
overriding by an educated user.
I think I may actually rewrite the test as described in #1 above
one day, but my time is quite limited and tcpdump is not my
priority task, so it might not happen soon. I won't mind if
someone does it earlier.
DECnet support currently assumes certain conditions instead of
checking for them explicitly. The following code checks if
dnet_htoa() is available, possibly in libdnet and also verifies
there is no declaration for the function in <netdnet/dnetdb.h>
before it decides to provide a substitute.
(which doesn't actually seem to be significantly more efficient than
"strdup()", at least not to the extent that it makes any difference to
"tcpdump"), modified to use the BSD "strdup()", rather than the old
"savestr()", on platforms that lack "strdup()".
version of "snprintf()" unless the platform on which we're running lacks
"snprintf()" or "vsnprintf()" - if it lacks one of the "asprintf" family
of routines, we don't drag it in, as we don't use those routines.
Digital UNIX using "ip_vhl" rather than "ip_v" and "ip_hl" bitfields if
__STDC__ is defined (we have our own "ip.h", and we don't use bitfields
in it).
Get rid of HAVE_INET_ATON, HAVE_INET_NTOP, and HAVE_INET_PTON - we don't
use them; instead, we supply our own versions of "inet_aton()",
"inet_ntop()", and "inet_pton()". (Defining them in "configure.in"
caused complaints from "autoreconf".)
Check for the "rc5.h" header, as we *do* use HAVE_RC5_H.
"linux-includes/netinet/if_ether.h" to "ethertype.h".
Move other stuff used by dissectors from <netinet/if_ether.h> to
"ether.h", along the lines of "fddi.h" and "token.h".
Move ARP declarations from BSD include files to "print-arp.c".
Remove from dissectors includes of <netinet/if_ether.h>, and add
includes of "ethertype.h" and/or "ether.h" as necessary.
Get rid of configuration options that test declarations now made in
"ether.h" or "print-arp.c", as those declarations are now under our
control, not the OS's control.
Here is a new version of the libsmi patch for tcpdump. It provides
some bug fixes and some enhancements such as access checking and
better range checking. The patch also fixed a few bugs in the
print_snmp.c module of tcpdump itself (unrelated to the usage of
libsmi).