IO plugins for libpcap #914
Conversation
mcr
force-pushed
the
raybellis-gzip-v2
branch
4 times, most recently
from
8045922
to
6796dc9
Compare
pcap-ioplugin.c
Outdated
| goto fail; | ||
| } | ||
|
|
||
| #if HAVE_DLOPEN |
There was a problem hiding this comment.
Here, I think we should also depend upon WANT_IOPLUGIN, so that it can be compiled out, even if dlopen exists.
| @@ -98,6 +98,22 @@ extern int pcap_utf_8_mode; | |||
| ((ull & 0x000000000000ff00ULL) << 40) | \ | |||
| ((ull & 0x00000000000000ffULL) << 56) | |||
|
|
|||
| /* | |||
| @@ -1042,6 +1042,23 @@ PCAP_API int pcap_remoteact_list(char *hostlist, char sep, int size, | |||
| PCAP_API int pcap_remoteact_close(const char *host, char *errbuf); | |||
| PCAP_API void pcap_remoteact_cleanup(void); | |||
|
|
|||
| /* | |||
There was a problem hiding this comment.
We need to have a doc/ioplugin.md
mcr
force-pushed
the
raybellis-gzip-v2
branch
from
37648c5
to
2e7e32f
Compare
| #include "ftmacros.h" | ||
|
|
||
| #ifdef _WIN32 | ||
| #include <pcap-stdinc.h> |
There was a problem hiding this comment.
There's no such header file; it was removed in 787f37e.
You need to directly include what's needed.
testprogs/selpolltest.c
Outdated
| @@ -74,7 +74,7 @@ main(int argc, char **argv) | |||
| struct bpf_program fcode; | |||
| char ebuf[PCAP_ERRBUF_SIZE]; | |||
| pcap_if_t *devlist; | |||
| int selectable_fd; | |||
There was a problem hiding this comment.
This change is already in the main branch from commit fbb5e9e (and is unrelated to the I/O plugins).
|
This looks as if it's not up to date with all the main branch changes, so it probably needs to be rebased. |
fxlb
force-pushed
the
raybellis-gzip-v2
branch
from
b11a4bd
to
4f4524c
Compare
|
Rebased. |
| const pcap_ioplugin_t* | ||
| pcap_ioplugin_init(const char *name) | ||
| { | ||
| void *lib = NULL; |
There was a problem hiding this comment.
./pcap-ioplugin.c: In function 'pcap_ioplugin_init':
./pcap-ioplugin.c:159:8: warning: unused variable 'lib' [-Wunused-variable]
159 | void *lib = NULL;
| ^~~
There was a problem hiding this comment.
There are several issus here.
- On UN*X, we need either to assume we have the
dlopen()APIs or check for it in CMakeLists.txt as well. It's specified in POSIX and, as far as I know, the only general-purpose UN*Xes that don't have it we're likely to encounter are 1) 32-bit HP-UX (which has its own API) and 2) perhaps older versions of AIX. However, perhaps some embedded Linux distributions have a cut-back libc that doesn't have it. - We're not handling Windows which has its own APIs for this.
- If we don't have any way to load plugins, we shouldn't define a variable to hold the plugin handle.
|
If we support plugins for writing files, and you're on a platform where packet capture requires elevated privileges, and the user can specify a plugin with an arbitrary path name with an environment variable, every program that uses the pcap dumping APIs needs to be Very Careful to surrender all elevated privileges before doing anything that causes the plugins to be loaded. This requires some more thought. |
fxlb
force-pushed
the
raybellis-gzip-v2
branch
from
4f4524c
to
30d8c15
Compare
|
Rebased. |
|
If the only functions implemented by a plugin would be a custom read function and a custom write function, would it be simpler to use |
|
the-tcpdump-group/tcpdump#458 seems to implement a similar idea, although the code seems a bit more complicated than I thought and uses |
|
the-tcpdump-group/tcpdump#935 is yet another alternative implementation. |
rebased upon master